WO2015144041A1 - Network authentication method and device - Google Patents

Network authentication method and device Download PDF

Info

Publication number
WO2015144041A1
WO2015144041A1 PCT/CN2015/074961 CN2015074961W WO2015144041A1 WO 2015144041 A1 WO2015144041 A1 WO 2015144041A1 CN 2015074961 W CN2015074961 W CN 2015074961W WO 2015144041 A1 WO2015144041 A1 WO 2015144041A1
Authority
WO
WIPO (PCT)
Prior art keywords
network element
key
terminal
message
access network
Prior art date
Application number
PCT/CN2015/074961
Other languages
French (fr)
Chinese (zh)
Inventor
赖晓龙
曹军
铁满霞
Original Assignee
西安西电捷通无线网络通信股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 西安西电捷通无线网络通信股份有限公司 filed Critical 西安西电捷通无线网络通信股份有限公司
Publication of WO2015144041A1 publication Critical patent/WO2015144041A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041Key generation or derivation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/043Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
    • H04W12/0431Key distribution or pre-distribution; Key agreement
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys

Definitions

  • the present application relates to the field of communications technologies, and in particular, to a network authentication and authentication method and device.
  • the AKA protocol is adopted in the authentication and authentication phase of the Long Term Evolution (LTE) network.
  • LTE Long Term Evolution
  • security vulnerabilities in the authentication and authentication phase which are embodied in:
  • the authentication vector is vulnerable to attack during the delivery process.
  • PLMN public land mobile network
  • the network element of the home network sends the authentication vector to the network element of the roaming network.
  • the authentication vector traverses different networks and is vulnerable to attack.
  • the purpose of the application is to provide a method and device for network authentication authentication to solve the security problem existing in the LTE network authentication and authentication phase.
  • a method for network authentication and authentication includes:
  • the terminal generates a second temporary public-private key pair, and sends a terminal hello message and a terminal key exchange message to the access network element, where the terminal hello message includes a terminal identifier and a terminal random number, and the terminal key exchange message includes the second temporary public key;
  • the access network element sends the terminal hello message, the terminal key exchange message, and the access network element hello message to the first network element, where the access network element hello message includes an access network element identifier and access The backward number of the network element;
  • the first network element sends the terminal hello message, the access network element greeting message, and the first network element backward greeting message to the second network element, where the first network element backward greeting message includes the first
  • the network element returns a random number and a first network element to sign a certificate
  • the second network element sends the authentication vector information to the first network element, where the information required for the terminal verification in the authentication vector information is signed by using the second network element signature private key;
  • the first network element acquires the authentication vector information
  • the first network element generates a first temporary public-private key pair and a first network element forward greeting message including a first network element forward random number, and uses the obtained authentication vector information, the second temporary public key, and the Generating a first consistency check key by using the first network element exchange private key and the first temporary private key, and using the first consistency check key to send the terminal greeting message and the first network element forward
  • the hello calculation of the hello message generates a first message integrity calculation result, and sends the authentication vector information, the first network element key exchange message including the first temporary public key, and the first network to the access network element.
  • the meta-forward greeting message and the first message integrity calculation result ;
  • the access network element generates an access network element temporary public-private key pair and an access network element forward greeting message including a forward random number of the access network element, and uses the obtained authentication vector information and the second temporary public key.
  • the access network element exchange private key and the access network element temporary private key generate an access consistency check key, and use the access consistency check key to the terminal hello message and the access network element.
  • the terminal verifies the signature in the received authentication vector information by using the saved signature certificate of the second network element;
  • the terminal After the verification is successful, the terminal generates a second consistency check key by using the authentication vector information, the terminal identifier, the first temporary public key, the terminal exchange private key, and the second temporary private key. And generating, by using the authentication vector information, the terminal identifier, the access network element temporary public key, the terminal exchange private key, and the second temporary private key, a third consistency check key;
  • the terminal uses the second consistency check key to perform message integrity calculation on the terminal hello message and the first network element forward greeting message to generate a second message integrity calculation result, and complete the second message complete
  • the result of the calculation is compared with the result of the first message integrity calculation sent by the first network element. After the comparison is correct, the generated second consistency check key is used to forward the first network element to the greeting message and The second message integrity calculation is performed by the terminal greeting message to generate a third message integrity calculation result;
  • the terminal uses the third consistency check key to perform message integrity calculation on the terminal hello message and the access network element forward greeting message to generate a fourth message integrity calculation result, and complete the fourth message complete
  • the result of the calculation is compared with the calculation result of the integrity of the access message sent by the access network element. After the comparison is correct, the third consistency check key is used to access the NE forward greeting message and The terminal hello message performs a message integrity calculation to generate a fifth message integrity calculation result;
  • the access network element uses the access consistency check key to perform a message integrity calculation on the access NE forward greeting message and the terminal hello message, and generates a sixth message integrity calculation result, using the sixth message complete.
  • Sexual calculation result After the fifth message integrity calculation result is verified, after the verification succeeds, the access network element authentication success message is sent to the terminal;
  • the first network element performs a message integrity calculation on the first network element forward greeting message and the terminal greeting message by using the first consistency check key to generate a seventh message integrity calculation result, and uses the generated The seventh message integrity calculation result verifies the third message integrity calculation result; after the verification is successful, the first network element sends the first network element authentication success message to the terminal by using the access network element.
  • the second network element sends the authentication vector information to the first network element, which specifically includes:
  • the second network element searches for an exchange public key of the terminal corresponding to the terminal identifier
  • the second network element After the second network element uses the signature certificate of the query center to verify that the signature is correct, the second network element sends the authentication vector information to the first network element, where the authentication vector information includes: an exchange public key of the access network element, The exchange public key of a network element, the terminal identifier, the exchange public key of the terminal, and the signature of the terminal greeting message, the exchange public key of the access network element, and the exchange public key of the first network element by using the second network element signature private key Using the signature private key of the query center to sign the access NE greeting message, the terminal identifier, the exchange public key of the terminal, the exchange public key of the access network element, and the exchange public key of the first network element, using the query center The signature of the signature private key to the first network element to the hello message, the terminal identifier, and the exchange public key of the terminal;
  • the method further includes:
  • the first network element uses the saved certificate of the query center to verify the signature of the first network element to the hello message, the terminal identifier, and the exchange public key of the terminal, so that after the verification succeeds, the first temporary public-private key pair is generated.
  • a first network element forward greeting message including a forward random number of the first network element;
  • the method further includes:
  • the access network element verifies the signatures of the access NE greeting message, the terminal identifier, the exchange public key of the terminal, the exchange public key of the access network element, and the exchange public key of the first network element, so that after the verification succeeds, Generating a first temporary public-private key pair and a first network element forward greeting message including a first network element forward random number.
  • the authentication vector information further includes the first network element signature certificate and the verification result thereof, and the use Signing of the first network element signature certificate and its verification result by the signature private key of the second network element, the terminal signing the received authentication vector information by using the saved signature certificate of the second network element
  • the method further includes: the terminal acquiring and saving the signature certificate of the first network element; and/or, the authentication vector information further includes: the first network element signature certificate and a verification result, and a signature of the first network element signature certificate and the verification result thereof by using the signature private key of the query center; when the access network element uses the signature certificate of the query center for verification, the method further includes The access network element uses the saved signature of the query center to verify the signature of the first network element signature certificate and the verification result thereof. After the verification succeeds, the signature certificate of the first network element is saved.
  • the authentication vector information includes:
  • the authentication vector information further includes a first network element signature certificate and a verification result thereof, and the first network element signature certificate and the verification result thereof are performed by using the signature private key of the second network element.
  • the method further includes: the terminal acquiring and saving the signature certificate of the first network element And/or, the authentication vector information further includes the first network element signature certificate and a verification result thereof; the first network element sends the authentication vector information, the first network element to the access network element When the key exchange message, the first network element forward greeting message, and the first message integrity calculation result, the first network element signature certificate and the verification thereof are sent to the access network element by using the first network element signature private key.
  • the method further includes: the accessing The network element uses the first network element The signature certificate verifies the signature, so that after the verification succeeds, the access network element temporary public-private key pair and the access network element forward greeting message including the forward random number of the access network element are generated.
  • a terminal comprising:
  • the authentication message sending module is configured to generate a second temporary public-private key pair, and send a terminal greeting message and a terminal key exchange message to the access network element, where the terminal hello message includes a terminal identifier and a terminal random number, and the terminal key
  • the exchange message contains a second temporary public key
  • An authentication module configured to verify, by using the saved signature certificate of the second network element, the received signature in the authentication vector information
  • a key generation module configured to use the authentication vector information, the terminal identifier, the first temporary public key, the terminal exchange private key, and the second temporary private key after the authentication module succeeds Generating a second consistency check key, and generating a third by using the authentication vector information, the terminal identifier, the access network element temporary public key, the terminal exchange private key, and the second temporary private key Consistency check key;
  • a message integrity check module configured to perform a message integrity calculation on the terminal hello message and the first network element forward greeting message by using the second consistency check key to generate a second message integrity calculation result, where The second message integrity calculation result is compared with the first message integrity calculation result sent by the first network element, and after the comparison is correct, the generated second consistency check key is used to match the first network element.
  • the message integrity calculation is performed to generate a fourth message integrity calculation result, and the fourth message integrity calculation result is compared with the access message integrity calculation result sent by the access network element, and after the comparison is correct, the message is used.
  • An access network element includes:
  • the authentication message transmission module is configured to receive a terminal greeting message and a terminal key exchange message sent by the terminal, where the terminal greeting message includes a terminal identifier and a terminal random number, and the terminal key exchange message includes a second temporary public key;
  • the first network element sends the terminal hello message, the terminal key exchange message, and the access network element greeting message, where the access network element greeting message includes an access network element identifier and a backward random number of the access network element;
  • the authentication module is configured to generate an access network element temporary public-private key pair and an access network element forward greeting message including the access network element forward random number, and use the obtained authentication vector information and the second temporary public key
  • the access network element exchange private key and the access network element temporary private key generate an access consistency check key, and use the access consistency check key to the terminal hello message and the access network element.
  • the message integrity calculation is performed by the network element forward greeting message and the terminal greeting message to generate a sixth message integrity calculation result, and the sixth message integrity calculation result is used to verify the fifth message integrity calculation result sent by the terminal, and the verification result is verified. After the terminal to access network element transmits the authentication success message.
  • a first network element including:
  • the authentication message transmission module is configured to receive a terminal greeting message, a terminal key exchange message, and an access network element greeting message sent by the access network element, where the terminal hello message includes a terminal identifier and a terminal random number, and the terminal key
  • the exchange message includes a second temporary public key, where the access network element greeting message includes an access network element identifier and a backward random number of the access network element, and sends the terminal hello message to the second network element, where the access message a network element greeting message and a first network element backward greeting message, where the first network element backwards greeting message includes a first network element, and then a random number and a first network element signature certificate;
  • the authentication vector information acquiring module is configured to obtain the authentication vector information, where the information required to be verified by the terminal in the authentication vector information is signed by using the second network element signature private key;
  • An authentication module configured to generate a first temporary public-private key pair and a first network element forward greeting message including a first network element forward random number, using the obtained authentication vector information, the second temporary public key, and the Generating a first consistency check key by using the first network element exchange private key and the first temporary private key, and using the first consistency check key to send the terminal greeting message and the first network element forward
  • the hello calculation of the hello message generates a first message integrity calculation result, and sends the authentication vector information, the first network element key exchange message including the first temporary public key, and the first network to the access network element.
  • the integrity calculation result is used to verify the third message integrity calculation result sent by the terminal by using the generated seventh message integrity calculation result; after the verification is successful, the first network element passes the access network element to the terminal Send first Yuan authentication success message.
  • a second network element including:
  • the authentication vector information sending module is configured to send the authentication vector information to the first network element, where the information required for the terminal verification in the authentication vector information is signed by using the second network element signature private key.
  • a query center that includes:
  • An information acquiring module configured to acquire an exchange public key of the first network element corresponding to the first network element identifier, and verify the first network element signature certificate, and obtain an exchange of the access network element corresponding to the access network element identifier Public key
  • the information sending module is configured to generate a message carrying the first network element's signature certificate and the verification result, the terminal identifier, and the exchanged public key of the terminal, and sign the first network element back greeting message and the generated message, Signing the access NE greeting message, the two signatures, the exchange public key of the first network element, the first network element identifier, the exchange public key of the access network element, and the The access network element identifier is sent to the second network element.
  • the authentication vector transmitted in the network is signed by the signature private key, and the authentication parties use the consistency check key to perform message integrity calculation, and then verify the result of the message integrity calculation.
  • the authentication is implemented to ensure the security of the authentication information in the process of transmission and the reliability of authentication.
  • FIG. 1 is a flowchart of a method provided by an embodiment of the present application
  • FIG. 2 is a signaling diagram of an initial authentication phase authentication method provided by an embodiment of the present application.
  • FIG. 3 is a signaling diagram of a TAU phase authentication method according to an embodiment of the present application.
  • FIG. 4 is a schematic structural diagram of a system according to an embodiment of the present application.
  • FIG. 5 is a schematic diagram of a terminal according to an embodiment of the present application.
  • FIG. 6 is a schematic diagram of an access network element according to an embodiment of the present disclosure.
  • FIG. 7 is a schematic diagram of a first network element according to an embodiment of the present application.
  • FIG. 8 is a schematic diagram of a second network element according to an embodiment of the present application.
  • FIG. 9 is a schematic diagram of a query center according to an embodiment of the present application.
  • the embodiment of the present application provides a network authentication authentication method.
  • the authentication vector passed between the elements is signed by the signature private key, and the authentication parties use the consistency check key to perform message integrity calculation, and then verify the message integrity calculation result to ensure the authentication information is transmitted. Security in the process and reliability of authentication.
  • a network authentication and authentication method provided by the embodiment of the present application is as shown in FIG. 1 , and specifically includes the following operations:
  • Step 100 The terminal generates a second temporary public-private key pair, and sends a terminal hello message including a terminal identifier and a terminal random number to the access network element, and a terminal key exchange message including the second temporary public key.
  • Step 110 The access network element sends a terminal hello message, a terminal key exchange message, and an access NE greeting message including the access network element identifier and the access network element backward random number to the first network element.
  • Step 120 The first network element sends a terminal hello message, an access NE greeting message, and a first network element backward greeting message including the first network element to the random number and the first network element signature certificate to the second network element.
  • Step 130 The second network element sends the authentication vector information to the first network element, where the information that needs to be sent to the terminal in the authentication vector information is signed by using the second network element signature private key.
  • Step 140 The first network element acquires the authentication vector information.
  • Step 150 The first network element generates a first temporary public-private key pair and a first network element forward greeting message that includes a first network element forward random number, and uses the obtained authentication vector information, the second temporary public
  • the first consistency check key is generated by the key, the first network element exchange private key, and the first temporary private key, and the terminal greeting message and the first network are used by using the first consistency check key.
  • Performing an integrity calculation on the hello message to generate a first message integrity calculation result and transmitting the authentication vector information, the first network element key exchange message including the first temporary public key, and the first to the access network element.
  • the NE forward greeting message and the first message integrity calculation result.
  • Step 160 The access network element generates an access network element temporary public-private key pair and an access network element forward greeting message including a forward random number of the access network element, and uses the obtained authentication vector information, the second The temporary public key, the access network element exchange private key, and the access network element temporary private key generate an access consistency check key, and use the access consistency check key to greet the terminal with the message
  • the integrity calculation of the incoming message to the hello message generates an access message integrity calculation result, and sends the authentication vector information, the access network element key exchange message including the access network element temporary public key, and the connection to the terminal.
  • Step 170 The terminal verifies the signature in the received authentication vector information by using the saved signature certificate of the second network element.
  • Step 180 After the verification succeeds, the terminal generates the second consistency by using the authentication vector information, the terminal identifier, the first temporary public key, the terminal exchange private key, and the second temporary private key. Checking a key, and generating a third consistency check key by using the authentication vector information, the terminal identifier, the access network element temporary public key, the terminal exchange private key, and the second temporary private key .
  • Step 190 The terminal uses the second consistency check key to perform a message integrity calculation on the terminal hello message and the first network element forward greeting message to generate a second message integrity calculation result, where the second message is sent.
  • the integrity calculation result is compared with the first message integrity calculation result sent by the first network element, and after the comparison is correct, the generated second consistency check key is used to forward the first network element forward greeting message. Performing a second message integrity calculation with the terminal hello message produces a third message integrity calculation result.
  • the terminal uses the third consistency check key to perform message integrity calculation on the terminal hello message and the access network element forward greeting message to generate a fourth message integrity calculation result, where the fourth message integrity calculation is performed.
  • the result is compared with the calculation result of the integrity of the access message sent by the access network element. After the comparison is correct, the generated third-party consistency check key is used to access the NE forward greeting message and the terminal greeting.
  • the message integrity calculation calculates a fifth message integrity calculation result.
  • Step 1100 The access network element uses the generated access consistency check key to perform a message integrity calculation on the access NE forward greeting message and the terminal hello message to generate a sixth message integrity calculation result, and uses the generated The sixth message integrity calculation result verifies the fifth message integrity calculation result sent by the terminal.
  • the access network element authentication success message is sent to the terminal.
  • Step 1110 The first network element performs a message integrity calculation on the first network element forward greeting message and the terminal greeting message by using the generated first consistency check key to generate a seventh message integrity calculation result, which is generated by using The seventh message integrity calculation result verifies the third message integrity calculation result sent by the terminal.
  • the first network element After the verification is successful, the first network element sends a first network element authentication success message to the terminal by using the access network element.
  • the access network element is an evolved base station (eNodeB), and the first network element is a mobility management entity (MME), where the The second network element is a home subscriber server (HSS, Home Subscriber Server).
  • eNodeB evolved base station
  • MME mobility management entity
  • HSS home subscriber server
  • the access network element is an eNodeB
  • the first network element is the target MME
  • the second network element is To serve the MME.
  • CA Certificate Authority
  • QeC Query Center
  • the operator can deploy one QueC for each PLMN according to networking requirements, or deploy one or more QueCs for each province.
  • the QueC is used to store the exchange public key h eNB of the eNodeB in the management domain, the exchange public key h MME of the MME, and the MME's signature certificate, and query the exchanged public key of the eNodeB of the designated management domain under the jurisdiction of the other network element.
  • h eNB, MME exchange the signed certificate and public key h MME MME or interact with other central administrative domain of inquiry, access to other management domains eNodeB to exchange public keys h eNB, MME exchange h MME public key and signed certificate.
  • Each operator issues a certificate to the network element in its deployed LTE network through its deployed CA:
  • the CA issues two certificates for the HSS in the LTE network.
  • One is the signature certificate
  • the signature certificate contains the signature public key of the HSS
  • the other is the encryption certificate.
  • the encryption certificate stores the encrypted public key of the HSS.
  • the authentication center (AuC) in the HSS participates in the authentication and authentication process.
  • AuC the authentication center
  • the signature certificate of the HSS described in this application is actually the signature certificate of the AuC
  • the signature public key of the HSS is actually The signature public key of AuC
  • the encryption certificate of HSS is actually the encryption certificate of AuC
  • the encryption public key of HSS is actually the encryption public key of AuC.
  • the CA issues a signature certificate to the MME, and the signature certificate stores the signature public key of the MME.
  • the CA issues a signed certificate to the QueC, and the signed certificate stores the signature public key of the QueC.
  • the network element MME in the LTE network stores public and private key pairs (h MME , P MME ) for key exchange, its own signature certificate, signature private key, and stores the signature certificate of QueC.
  • the network element eNodeB in the LTE network stores public and private key pairs (h eNB , P eNB ) for key exchange, and stores the signature certificate of the QueC.
  • the US Subscriber Identity Unit (USIM) card stores a public and private key pair (h U , P U ), HSS encryption certificate and signature certificate for key exchange.
  • the HSS stores its own signature certificate, signature private key, its own encryption certificate, and encryption private key, and stores the signature certificate of QueC and the exchange public key h U of the terminal.
  • the initial authentication phase of applying the method provided by the embodiment of the present application is as shown in FIG. 2, and includes the following operations:
  • Step 200 The terminal (UE) generates a second temporary public-private key pair, and sends a message Msg1 to the eNodeB.
  • the message Msg1 includes a UE Hello message and a UE Key message, and the message format can be:
  • the terminal identity may be, but is not limited to, the International Mobile Subscriber Identification Number (IMSI) of the terminal.
  • IMSI International Mobile Subscriber Identification Number
  • PK HSS public key of the HSS
  • UE.ID (IMSI&0x7FF0, EnC(PK HSS , IMSI, UENounce)
  • EnC ( PK HSS , IMSI, UE.Nounce) indicates that the IMSI and UE.Nounce of the terminal are encrypted using the encrypted public key of the HSS.
  • Step 210 After receiving the Msg1, the eNodeB adds the information and sends the Msg2 to the MME.
  • the message Msg2 includes a terminal hello (UE Hello) message, a terminal key exchange (UE Key) message, and an access network element hello message (eNodeB Hello), and the message format may be:
  • Step 220 After receiving the foregoing Msg2, the MME determines the HSS of the terminal.
  • the MME may determine the HSS based on the IMSI of the terminal. If the information in Msg1 is encrypted using the encrypted public key of the HSS, the MME may determine the HSS based on IMSI&0x7FF0.
  • Step 230 The MME sends a message Msg3 to the HSS of the terminal.
  • the message Msg3 includes the UE Hello message, the eNodeB Hello message, and the MME Hello message (MME Hello) message, and the message format may be:
  • Step 240 After receiving the Msg3, the HSS searches for the h U corresponding to the IMSI.
  • the HSS queries the correspondence between the IMSI stored in the database and the exchanged public key of the terminal, and obtains the h U corresponding to the IMSI.
  • the HSS decrypts the EnC (PK HSS , IMSI, UE.Nounce1) using the HSS encrypted private key before querying the database, obtains the IMSI of the terminal, and then queries the terminal to exchange the public key h U .
  • EnC PK HSS , IMSI, UE.Nounce1
  • Step 250 The HSS sends the eNodeB Hello message and the MME Hello message to the query center, and sends the terminal IMSI plaintext and the terminal exchange public key h U to the query center.
  • Step 260 The query center obtains the MME identity (MME.ID) according to the signature certificate of the MME, queries the exchange public key (h MME ) of the corresponding MME , and verifies the MME signature certificate (MME.Cert), and queries the corresponding eNodeB according to the eNodeB ID.
  • MME.ID MME identity
  • h MME exchange public key
  • MME.Cert MME signature certificate
  • the public key (h eNB ) is exchanged to generate a QUE-AACResp (query response message), the QUE-AACResp includes the MME.CertResult and the AS-UE-MME.Keyinfo, and the MME.CertResult carries the MME's signature certificate and the verification result, and the AS - UE-MME.Keyinfo carries the terminal IMSI plaintext and the terminal exchange public key, and then the query center signs the MME Hello message and QUE-AACResp, and also signs the eNodeB Hello message and QUE-AACResp, and two signatures, MME
  • the exchange public key, the MME identity (MME.ID), the exchange public key of the eNodeB, and the eNodeB identity (eNodeB.ID) are sent to the HSS.
  • the query center may also sign the exchange public key of the MME, the MME.ID, the exchange public key of the eNodeB, and the eNodeB.ID, and send the signature to the HSS.
  • the query center searches the database for the exchange public key and the signing certificate of the eNodeB and the MME. If the eNodeB and the MME are not in the management domain of the query center, the query center obtains the eNodeB exchange public key and the exchange public key h MME and the signature certificate of the h eNB and the MME through interaction with other query centers.
  • Step 270 After verifying that the signature is correct by using the signature certificate of the query center, the HSS sends a message Msg4 to the MME.
  • Msg4 carries authentication vector information, and its message format can be:
  • QUE-eNB.Sig (eNodeB Hello, QUE-AACResp, HSS-UEResP) // Signature using the signature private key of the query center
  • Step 280 After receiving the Msg4, the MME uses the signature certificate of the query center to verify that the signature of the QUE-MME.Sig is correct, indicating that the data is valid.
  • the signature of the signature private key of the query center is verified by using the signature certificate of the query center. Specifically, the signature of the signature private key based on the query center is verified by using the signature public key saved in the signature certificate of the query center.
  • Step 290 The MME generates a first temporary public-private key pair (x, xP) for key exchange and a first network element forward greeting message including a first network element forward random number, using IMSI, MME.ID, and MME. Exchange private key, first temporary private The key (x), the terminal exchange public key, and the second temporary public key (zP) generate a first consistency check key, and use the first consistency check key to perform UE_Hello and the first network element forward greeting message.
  • the integrity calculation produces a first message integrity calculation result and sends a message Msg5 to the eNodeB.
  • the message Msg5 includes authentication vector information, a first network element key exchange (MME-UEKey) message including a first temporary public key, and a first network element forward greeting message (MME-UEHello), and first message integrity. Calculation result (MMEFinish).
  • MME-UEKey first network element key exchange
  • MME-UEHello first network element forward greeting message
  • the message format is as follows:
  • the specific implementation manner of the MME to generate the first consistency check key may be, but is not limited to, the following technical means:
  • the MME calculates a third key seed by multiplying P MME and zP, multiplying h U and x to calculate a fourth key seed, and performing one-way operation on the third key seed and the fourth key seed
  • the MME generates a first consistency check key IK ASME by using the Key, IMSI, MME.ID, terminal random number UE.Nounce, MME forward random number MME-UE.Nounce, using
  • the IK ASME performs integrity calculation on the UEHello of the Msg1 and the MME forward greeting message generated by the MME to obtain a first message integrity calculation result, and the integrity algorithm may be implemented by using a well-known HMAC function or a cryptographic function, and the integrity calculation described later should be Use the same integrity algorithm as this step.
  • the derived function KDF (Key, IMSI, MME identifier MME.ID, terminal random number UE.Nounce, MME forward random number MME-UE.Nounce) respectively generate a first consistency check key (IK ASME ) defined by the 3GPP specification K ASME is then extended according to the key extension method defined by 3GPP.
  • Step 2100 After receiving the message, the eNodeB uses the signature certificate of the query center to verify that the signature of the QUE-eNB.Sig is correct, and saves the signature certificate of the MME.
  • the eNodeB generates an access network element temporary public-private key pair (y, yP) for key exchange and an access network element forward greeting message including the access network element forward random number, using IMSI, eNodeB.ID, eNodeB
  • the exchange private key, the access network temporary private key (y), the terminal exchange public key, and the second temporary public key (zP) generate an access consistency check key, and use the access consistency check key pair UE_Hello to connect
  • the integrity calculation of the incoming message to the hello message generates an access message integrity calculation result, and sends a message Msg6 to the terminal.
  • the message Msg6 includes authentication vector information, a first network element key exchange (MME-UEKey) message including a first temporary public key, and a first network element forward greeting message (MME-UEHello), and a first integrity calculation.
  • MME-UEKey first network element key exchange
  • MME-UEHello first network element forward greeting message
  • eNodeB-UEKey access network element key exchange
  • eNodeB-UEKey access network element key exchange
  • the message format is as follows:
  • the specific implementation manner of the eNodeB to generate the access consistency check key is the same as that of the MME, but the MME information is replaced by the eNodeB information, and the IKeNB, the KeNB, and the NKeNB are generated, and extended according to the key extension method defined by the 3GPP.
  • Step 2110 The terminal receives the message Msg6, and uses the HSS signature certificate to verify the HSS-UE.Sig. After the verification succeeds, the information in the Msg6, the IMSI, the first temporary public key (xP), the terminal exchange private key, and the second temporary private are utilized.
  • the key (z) generates a second consistency check key, and uses the second consistency check key to perform integrity calculation on the UE_Hello and the first network element forward greeting message to generate a second message integrity calculation result, which will be
  • the second message integrity calculation result is compared with the first message integrity calculation result sent by the MME. After the comparison is correct, the first network element forward greeting message and the UE_Hello are performed by using the generated second consistency check key.
  • the secondary message integrity calculation produces a third message integrity calculation result.
  • the terminal generates a third consistency check key by using the information in the Msg6, the IMSI, the access network temporary public key (yP), the terminal exchange private key, and the second temporary private key (z), and uses the third consistency.
  • Check key pair UE_Hello and eNodeB The integrity calculation of the forward greeting message generates a fourth message integrity calculation result, and compares the fourth message integrity calculation result with the access integrity calculation result sent by the eNodeB. After the comparison is correct, the generated third one is used.
  • the certificate check key generates a fifth message integrity calculation result for the eNodeB forward greeting message and the UE Hello message integrity calculation.
  • the terminal sends Msg7 to the eNodeB.
  • the order of input fields is different when the terminal performs message integrity calculation twice. For example, when performing the message integrity calculation for the first time, first input the first network element forward greeting message, and then input the UE Hello; when performing the second message integrity calculation, first input UE_Hello, and then input the first network element forward. Greeting message.
  • the message format of the message Msg7 is as follows:
  • the specific implementation manner in which the terminal uses the information in the Msg6, the IMSI, the xP, the terminal exchange private key, and the z to generate the second consistency check key may be, but is not limited to, the following technical means:
  • Calculating the first key seed by multiplying P U and xP, multiplying h MME and z to calculate a second key seed, and performing one-way operation on the first key seed and the second key seed Obtaining a key Key; the terminal uses the Key, the IMSI, the MME to identify the MME.ID, the terminal random number UE.Nounce, and the MME forward random number MME-UE.Nounce to generate a second consistency check key IK ASME .
  • the terminal also saves CertMME.
  • the specific implementation manner in which the terminal uses the information in the Msg6, the IMSI, the yP, the terminal exchange private key, and the z to generate the third consistency check key may be, but is not limited to, the following technical means:
  • Calculating the fifth key seed by multiplying P U and yP, multiplying the h eNodeB and z to calculate a sixth key seed, and performing a one-way operation on the fifth key seed and the sixth key seed.
  • Obtaining a key Key the terminal generates a third consistency check key IK eNB by using the Key, IMSI, eNodeB. ID, terminal random number UE.Nounce, and eNodeB forward random number eNodeB-UE.Nounce.
  • Step 2120 After receiving the Msg7, the eNodeB uses the access consistency check key IK eNB to perform an integrity calculation on the eNodeB forward hello message and the UE_Hello to generate a sixth message integrity calculation result, which is compared with the UE-eNodeB.Mic of the Msg7. For verification, verify correctly, send Msg8 to MME.
  • IK eNB access consistency check key
  • the message format is as follows:
  • Step 2130 After receiving the Msg8, the MME performs the seventh message integrity calculation result by performing the integrity calculation on the MME forward greeting message and the UE_Hello using the first consistency check key IK ASME , and performs the UE-MME.Mic with the Msg7. Alignment verification.
  • Step 2140 The MME sends the Msg9 to the UE by using the eNodeB.
  • Msg9 is an authentication success message, otherwise it is a failure message.
  • the TAU stage of the method provided by the embodiment of the present application is as shown in FIG. 3, and includes the following operations:
  • Step 300 The UE generates a second temporary public-private key pair, and transmits Msg1 to the network.
  • the message format of the Msg1 is as follows:
  • GUI Globally Unique Temporary Identity
  • Step 310 After receiving the Msg1, the eNodeB adds the information and sends the Msg2 to the target MME.
  • the message Msg2 includes a terminal hello (UE Hello) message, a terminal key exchange (UE Key) message, and an eNodeB hello message (eNodeB Hello), and an access network element key exchange (eNodeBkey).
  • UE Hello terminal hello
  • UE Key terminal key exchange
  • eNodeB hello eNodeB Hello
  • eNodeBkey access network element key exchange
  • Step 320 After receiving the Msg2, the target MME (MMEn) determines the currently served MME (MMEo) according to the GUTI, and sends the Msg3 to the MMEo.
  • MMEo currently served MME
  • the message format of the Msg3 is as follows:
  • step 330 MMEo receives Msg3 and returns Msg4 to MMEn.
  • the message format of the Msg4 is as follows:
  • the MMEn.CertResult includes the CertMMEn and the verification result thereof
  • the AS-MME-UE.Keyinfo includes the MMEn exchange public key h MMEn
  • the AS-UE-MME includes the terminal exchange public key hu and the terminal identifier.
  • Step 340 MMEn receives Msg4, and obtains h U .
  • the MMEn trusts the MMEo, the communication channel between them is protected, so that it is not necessary to perform signature verification on the information sent by the MMEo.
  • Step 350 The MMEn generates a first temporary public-private key pair (x, xP) for key exchange and an MMEn forward greeting message including an MMEn forward random number, and exchanges a private key by using UE.ID, MMEn.ID, and MMEn.
  • the first temporary private key, the terminal exchange public key, and the second temporary public key generate a first consistency check key, and use the consistency check key to perform integrity calculation on the UE_Hello and MMEn forward greeting messages to generate a first message complete.
  • the message structure of the Msg5 is as follows:
  • MMEn-UE.Mic (UE Hello, MMEn-UEHello)// carries the first message integrity calculation result, and the field order in parentheses cannot be changed.
  • Step 360 After the eNodeB verifies that the signature of the MMEn is correct, the eNodeB generates an access network element temporary public-private key pair (y, yP) for key exchange and an eNodeB forward greeting message including an eNodeB forward random number, using the UE.ID. And the MMEn.ID, the MMEn exchange private key, the access network temporary private key, the terminal exchange public key, and the second temporary public key generate an access consistency check key, and use the access consistency check key pair UE_Hello and eNodeB The integrity calculation of the forward greeting message generates an access message integrity calculation result and sends Msg6 to the UE.
  • an access network element temporary public-private key pair y, yP
  • the message structure of the Msg6 is as follows:
  • Step 370 The UE receives the message Msg6, and uses the saved MMEo's signature certificate to verify the MMEo-UE.Sig. After the verification succeeds, the information in the Msg6, the GUTI, the first temporary public key (xP), the terminal exchange private key, and the first The second temporary private key (z) generates a second consistency check key.
  • the terminal generates a third consistency check key by using the information in the Msg6, the GUTI, the access network element temporary public key (yP), the terminal exchange private key, and the second temporary private key (z).
  • Step 380 The UE uses the second consistency check key to perform integrity calculation on the MMEn forward hello message and the UE Hello, and generates a second message integrity calculation result, and sends the second message integrity calculation result to the first sent by the MMEn.
  • the result of the message integrity calculation is compared.
  • the second message integrity calculation result is generated by using the generated second consistency check key to perform the second message integrity calculation on the MMEn forward greeting message and the UE Hello.
  • MMEn sends Msg7.
  • the message format of the Msg7 is as follows:
  • Step 390 After receiving the Msg7, the eNodeB uses the access consistency check key IK eNB to perform the sixth message integrity calculation result on the MMEn forward hello message and the UE-Hello integrity calculation result, and the UE-eNodeB.Mic of the Msg7 After performing the comparison verification, after verifying correctly, send Msg8 to MMEn.
  • IK eNB access consistency check key
  • the message format is as follows:
  • the specific implementation manner of the eNodeB to generate the access consistency check key is the same as that in the previous embodiment, and the IK eNB , the K eNB , and the NK eNB are generated, and extended according to the key extension method defined by the 3GPP.
  • Step 3100 After receiving the Msg8, the MMEn uses the first consistency check key IK ASME to perform an integrity calculation on the MMEn forward hello message and the UE-Hello to generate a seventh message integrity calculation result, and the UE-MMEn of the Msg8. Mic performs verification verification.
  • KDF Key, GUTI, MMEn identifier MMEn.ID, terminal random number UE-MMEn. Nounce, MMEn random number MMEn-UE.Nounce
  • Step 3110 The MMEn sends the Msg9 to the eNodeB and the terminal.
  • Msg9 is an authentication success message, otherwise it is a failure message.
  • the embodiment of the present application further provides a system for network authentication and authentication, and the structure thereof is as shown in FIG. 4, which specifically includes: an access network element 400, a first network element 401, and a second network element. 402, and terminal 403.
  • FIG. 4 specifically includes: an access network element 400, a first network element 401, and a second network element. 402, and terminal 403.
  • the working principle of each device and the cooperation between the two are implemented as described in the foregoing method embodiments, and are not described here.
  • the authentication vector transmitted in the network is signed by the signature private key, and the authentication parties use the consistency check key to perform message integrity calculation, and then perform authentication by verifying the message integrity calculation result.
  • the security of the authentication information in the delivery process and the reliability of the authentication are guaranteed.
  • the embodiment of the present application further provides a terminal, and the structure thereof is as shown in FIG. 5, which specifically includes: an authentication message sending module 501, an authentication module 502, a key generation module 503, and a message complete. Sex test Block 504. among them:
  • the authentication message sending module 501 is configured to generate a second temporary public-private key pair, and send a terminal greeting message and a terminal key exchange message to the access network element, where the terminal hello message includes a terminal identifier and a terminal random number, and the terminal confidentiality
  • the key exchange message includes a second temporary public key
  • the authentication module 502 is configured to verify the signature of the received authentication vector information by using the saved signature certificate of the second network element.
  • the key generation module 503 is configured to use the authentication vector information, the terminal identifier, the first temporary public key, the terminal exchange private key, and the second temporary after the authentication module 502 successfully verifies
  • the private key generates a second consistency check key, and generates the authentication vector information, the terminal identifier, the access network element temporary public key, the terminal exchange private key, and the second temporary private key.
  • Third consistency check key
  • the message integrity check module 504 is configured to generate a second message integrity calculation result by performing message integrity calculation on the terminal hello message and the first network element forward greeting message by using the second consistency check key, The second message integrity calculation result is compared with the first message integrity calculation result sent by the first network element, and after the comparison is correct, the generated second consistency check key is used to the first network.
  • the authentication vector information includes the first network element signature certificate and a verification result thereof, and the first network element signature certificate and the verification result thereof by using the signature private key of the second network element
  • the terminal further includes: a signature certificate saving module, configured to acquire and save the signature certificate of the first network element after the authentication module succeeds in verifying.
  • the key generation module is configured to: verify the terminal random number in the authentication vector information, and perform point multiplication on the terminal exchange private key and the first temporary public key after the verification is successful. a first key seed, performing a point multiplication of the first network element exchange public key and the second temporary private key to calculate a second key seed, and performing one-way on the first key seed and the second key seed Calculating a first key; generating a second consistency check key by using the first key, the terminal identifier, the first network element identifier, the first network element forward random number, and the terminal random number; The terminal random number in the authentication vector information is verified.
  • the terminal exchange private key is multiplied by the access network element temporary public key to calculate a fifth key seed, and the access network element exchanges the public key.
  • Calculating a sixth key seed by performing dot multiplication with the second temporary private key, performing a one-way operation on the fifth key seed and the sixth key seed to obtain a second key; using the second secret.
  • the key, the terminal identifier, the access network element identifier, the forward random number of the access network element, and the terminal random number generate a third consistency check key.
  • the embodiment of the present application further provides an access network element, and the structure thereof is as shown in FIG.
  • the authentication message transmission module 601 is configured to receive a terminal hello message and a terminal key exchange message sent by the terminal, where the terminal hello message includes a terminal identifier and a terminal random number, and the terminal key exchange message includes a second temporary public key; Sending, by the first network element, the terminal hello message, the terminal key exchange message, and the access network element greeting message, where the access network element greeting message includes an access network element identifier and a backward random number of the access network element ;
  • the authentication module 602 is configured to generate an access network element temporary public-private key pair and an access network element forward greeting message including the access network element forward random number, and use the obtained authentication vector information, the second temporary public Key, the access network element exchange private key, and the access network element temporary private key generate an access consistency check key, and use the access consistency check key to the terminal greeting message and the access network.
  • the integrity calculation of the incoming message to the hello message generates an access message integrity calculation result, and sends the authentication vector information, the access network element key exchange message including the access network element temporary public key, and the connection to the terminal.
  • the authentication module is further configured to: exchange the access NE greeting message, the terminal identifier, the exchange public key of the terminal, the exchange public key of the access network element, and the exchange of the first network element.
  • the signature of the public key is verified, so that after the verification succeeds, the first temporary public-private key pair and the first network element forward greeting message including the first network element forward random number are generated.
  • the authentication vector information further includes the first network element signature certificate and a verification result thereof; when the access network element receives the authentication vector information, And receiving a signature of the first network element signature certificate and the verification result thereof by using the first network element signature private key; the authentication module generates the temporary network public key pair of the access network element and the forward random number including the access network element
  • the access NE forwards the message it is specifically used to: use the signature certificate of the first network element to verify the signature, so that after the verification succeeds, the access network element temporary public-private key pair and the access are generated.
  • the access NE forward greeting message of the network element forward random number.
  • the method is specifically configured to: perform the access network element exchange private key and the second temporary public key. Calculating the seventh key seed by point multiplication, and multiplying the terminal exchange public key and the access network element temporary private key to calculate an eighth key seed, and the seventh key seed and the eighth key seed Performing a one-way operation to obtain a third key; generating a third consistency check key by using the third key, the terminal identifier, the access network element identifier, the access network element forward random number, and the terminal random number .
  • the embodiment of the present application further provides a first network element, and the structure thereof is as shown in FIG. 7 .
  • the authentication message transmission module 701, the authentication vector information acquisition module 702, and the authentication module 703 are included. among them:
  • the authentication message transmission module 701 is configured to receive a terminal hello message, a terminal key exchange message, and an access network element greeting message sent by the access network element, where the terminal hello message includes a terminal identifier and a terminal random number, where the terminal is dense
  • the key exchange message includes a second temporary public key, where the access network element greeting message includes an access network element identifier and a backward random number of the access network element, and sends the terminal greeting message to the second network element, and the connection And a first network element backward greeting message, where the first network element includes a first network element, and then a random number and a first network element signature certificate;
  • the authentication vector information obtaining module 702 is configured to obtain the authentication vector information, where the information required to be verified by the terminal in the authentication vector information is signed by using the second network element signature private key;
  • the authentication module 703 is configured to generate a first temporary public-private key pair and a first network element forward greeting message including a first network element forward random number, and use the obtained authentication vector information, the second temporary public key, Generating a first consistency check key by using the first network element exchange private key and the first temporary private key, and using the first consistency check key to greet the terminal with the first network element Performing an integrity calculation on the hello calculation to generate a first message integrity calculation result, and sending the authentication vector information, the first network element key exchange message including the first temporary public key, and the first a network element forward greeting message and a first message integrity calculation result; and performing message integrity calculation on the first network element forward greeting message and the terminal greeting message using the first consistency check key to generate a seventh
  • the result of the message integrity calculation is used to verify the third message integrity calculation result sent by the terminal by using the generated seventh message integrity calculation result; after the verification is successful, the first network element passes the access network element to the Terminal sending NE authentication success message.
  • the authentication module is further configured to verify, by using the saved certificate of the query center, the signature of the first network element to the greeting message, the terminal identifier, and the exchange public key of the terminal, so that After the verification succeeds, the first temporary public-private key pair and the first network element forward greeting message including the first network element forward random number are generated.
  • the authentication module when the authentication module generates the first consistency check key, it is specifically used to:
  • Calculating a third key seed by multiplying the first network element exchange private key and the second temporary public key, and multiplying the terminal exchange public key and the first temporary private key to calculate a fourth key seed Performing a one-way operation on the third key seed and the fourth key seed to obtain a fourth key;
  • the embodiment of the present application further provides a second network element, which is configured as shown in FIG. 8 , and specifically includes: an authentication vector information sending module 801, configured to send an authentication to the first network element.
  • the vector information, the information that needs to be sent to the terminal in the authentication vector information is signed by using the second network element signature private key.
  • the authentication information sending module is specifically configured to:
  • the vector information includes: the exchange public key of the access network element, the exchange public key of the first network element, the terminal identifier, the exchange public key of the terminal, and the exchange of the terminal greeting message and the access network element by using the second network element signature private key
  • the signature of the public key and the exchanged public key of the first network element using the signature private key of the query center to access the network element greeting message, the terminal identifier, the exchange public key of the terminal, the exchange public key of the access network element, and the first
  • the signature of the exchanged public key of the network element using the signature private key of the query center, to sign the first network element to the greeting message, the terminal identifier, and the exchange public key of the terminal.
  • the embodiment of the present application further provides a query center, and the structure thereof is as shown in FIG. 9 , and specifically includes:
  • the information obtaining module 901 is configured to exchange the public key of the first network element corresponding to the first network element identifier, and verify the first network element signature certificate, and obtain the exchange of the access network element corresponding to the access network element identifier.
  • the information sending module 902 is configured to generate a message carrying the first network element's signature certificate and the verification result, the terminal identifier, and the exchanged public key of the terminal, and sign the first network element to the hello message and the generated message. Signing the access NE greeting message, and the two signatures, the exchange public key of the first network element, the first network element identifier, and the exchange public key of the access network element The access network element identifier is sent to the second network element.
  • embodiments of the present application can be provided as a method, system, or computer program product.
  • the present application can take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment in combination of software and hardware.
  • the application can take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) including computer usable program code.
  • the computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture comprising the instruction device.
  • the apparatus implements the functions specified in one or more blocks of a flow or a flow and/or block diagram of the flowchart.
  • These computer program instructions can also be loaded onto a computer or other programmable data processing device such that the computer Or performing a series of operational steps on other programmable devices to produce computer-implemented processing such that instructions executed on a computer or other programmable device are provided for implementing a block in a flow or a flow and/or block diagram of the flowchart Or the steps of the function specified in multiple boxes.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)

Abstract

Disclosed are a network authentication method and device. The method comprises: an access network element transmits to a terminal via the access network element the authentication vector information signed with a signature private key of a second network element; the terminal verifies the signature of the authentication vector information, generates two consistency check keys after the verification succeeds, and performs information integrity computation using the two consistency check keys respectively, and then respectively compares with the information integrity computation results transmitted by a first network element and the access network element; if the comparison results are correct, then performing information integrity computation using the two consistency check keys respectively again and transmitting the computation results to the access network element and the first network element; the access network element and the first network element each use their respective generated consistency check keys to perform information integrity computation and compares the computed result with the computed results transmitted by the terminal, thus realizing authentication. The present invention ensures the security of authentication vector information during transmission and the reliability of authentication.

Description

一种网络鉴权认证的方法及设备Method and device for network authentication authentication
本申请要求在2014年3月27日提交中国专利局、申请号为201410120400.6、发明名称为“一种网络鉴权认证的方法及设备”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。This application claims the priority of the Chinese Patent Application filed on March 27, 2014, the Chinese Patent Office, Application No. 201410120400.6, entitled "A Method and Apparatus for Network Authentication Authentication", the entire contents of which are incorporated by reference. In this application.
技术领域Technical field
本申请涉及通信技术领域,尤其涉及一种网络鉴权认证的方法及设备。The present application relates to the field of communications technologies, and in particular, to a network authentication and authentication method and device.
背景技术Background technique
长期演进(LTE,Long Term Evolution)网络的鉴权认证阶段采用AKA协议。现有的LTE网络中,鉴权认证阶段存在安全漏洞,具体体现在:The AKA protocol is adopted in the authentication and authentication phase of the Long Term Evolution (LTE) network. In the existing LTE network, there are security vulnerabilities in the authentication and authentication phase, which are embodied in:
鉴权向量在传递过程中容易受到攻击。特别是当终端跨公共陆地移动网络(PLMN,Public Land Mobile Network)漫游时,为了对终端进行鉴权认证,归属地网络的网元会把鉴权向量发送到漫游网络的网元。在这个过程中,鉴权向量穿过不同的网络,很容易受到攻击。The authentication vector is vulnerable to attack during the delivery process. In particular, when the terminal roams across the public land mobile network (PLMN), in order to authenticate the terminal, the network element of the home network sends the authentication vector to the network element of the roaming network. In this process, the authentication vector traverses different networks and is vulnerable to attack.
发明内容Summary of the invention
本申请的目的是提供一种网络鉴权认证的方法及设备,以解决LTE网络鉴权认证阶段存在的安全问题。The purpose of the application is to provide a method and device for network authentication authentication to solve the security problem existing in the LTE network authentication and authentication phase.
本申请的目的是通过以下技术方案实现的:The purpose of this application is achieved by the following technical solutions:
一种网络鉴权认证的方法,包括:A method for network authentication and authentication includes:
终端生成第二临时公私钥对,向接入网元发送终端问候消息和终端密钥交换消息,所述终端问候消息包含终端标识和终端随机数,所述终端密钥交换消息包含第二临时公钥;The terminal generates a second temporary public-private key pair, and sends a terminal hello message and a terminal key exchange message to the access network element, where the terminal hello message includes a terminal identifier and a terminal random number, and the terminal key exchange message includes the second temporary public key;
所述接入网元向第一网元发送所述终端问候消息、所述终端密钥交换消息和接入网元问候消息,所述接入网元问候消息包含接入网元标识和接入网元后向随机数;The access network element sends the terminal hello message, the terminal key exchange message, and the access network element hello message to the first network element, where the access network element hello message includes an access network element identifier and access The backward number of the network element;
所述第一网元向第二网元发送所述终端问候消息、所述接入网元问候消息和第一网元后向问候消息,所述第一网元后向问候消息中包含第一网元后向随机数和第一网元签名证书;The first network element sends the terminal hello message, the access network element greeting message, and the first network element backward greeting message to the second network element, where the first network element backward greeting message includes the first The network element returns a random number and a first network element to sign a certificate;
第二网元向第一网元发送鉴权向量信息,所述鉴权向量信息中需要终端验证的信息使用第二网元签名私钥进行签名;The second network element sends the authentication vector information to the first network element, where the information required for the terminal verification in the authentication vector information is signed by using the second network element signature private key;
所述第一网元获取所述鉴权向量信息; The first network element acquires the authentication vector information;
所述第一网元生成第一临时公私钥对和包含第一网元前向随机数的第一网元前向问候消息,利用获得的鉴权向量信息、所述第二临时公钥、所述第一网元交换私钥和所述第一临时私钥生成第一一致性检查密钥,使用所述第一一致性检查密钥对所述终端问候消息和第一网元前向问候消息进行完整性计算产生第一消息完整性计算结果,并向所述接入网元发送所述鉴权向量信息、包含第一临时公钥的第一网元密钥交换消息、第一网元前向问候消息和第一消息完整性计算结果;The first network element generates a first temporary public-private key pair and a first network element forward greeting message including a first network element forward random number, and uses the obtained authentication vector information, the second temporary public key, and the Generating a first consistency check key by using the first network element exchange private key and the first temporary private key, and using the first consistency check key to send the terminal greeting message and the first network element forward The hello calculation of the hello message generates a first message integrity calculation result, and sends the authentication vector information, the first network element key exchange message including the first temporary public key, and the first network to the access network element. The meta-forward greeting message and the first message integrity calculation result;
所述接入网元生成接入网元临时公私钥对和包含接入网元前向随机数的接入网元前向问候消息,利用获得的鉴权向量信息、所述第二临时公钥、所述接入网元交换私钥和所述接入网元临时私钥生成接入一致性检查密钥,使用所述接入一致性检查密钥对所述终端问候消息和接入网元前向问候消息进行完整性计算产生接入消息完整性计算结果,并向终端发送所述鉴权向量信息、包含接入网元临时公钥的接入网元密钥交换消息、所述接入网元前向问候消息、接入消息完整性计算结果、所述第一网元前向问候消息和所述第一消息完整性计算结果;The access network element generates an access network element temporary public-private key pair and an access network element forward greeting message including a forward random number of the access network element, and uses the obtained authentication vector information and the second temporary public key. The access network element exchange private key and the access network element temporary private key generate an access consistency check key, and use the access consistency check key to the terminal hello message and the access network element. Performing integrity calculation on the forward greeting message to generate an access message integrity calculation result, and transmitting the authentication vector information, the access network element key exchange message including the access network element temporary public key, and the access to the terminal a network element forward greeting message, an access message integrity calculation result, the first network element forward greeting message, and the first message integrity calculation result;
所述终端使用保存的第二网元的签名证书对接收到的所述鉴权向量信息中的签名进行验证;The terminal verifies the signature in the received authentication vector information by using the saved signature certificate of the second network element;
验证成功后,所述终端利用所述鉴权向量信息、所述终端标识、所述第一临时公钥、终端交换私钥、和所述第二临时私钥生成第二一致性检查密钥,并利用所述鉴权向量信息、所述终端标识、所述接入网元临时公钥、终端交换私钥、和所述第二临时私钥生成第三一致性检查密钥;After the verification is successful, the terminal generates a second consistency check key by using the authentication vector information, the terminal identifier, the first temporary public key, the terminal exchange private key, and the second temporary private key. And generating, by using the authentication vector information, the terminal identifier, the access network element temporary public key, the terminal exchange private key, and the second temporary private key, a third consistency check key;
所述终端使用所述第二一致性检查密钥对所述终端问候消息和第一网元前向问候消息进行消息完整性计算产生第二消息完整性计算结果,将所述第二消息完整性计算结果与第一网元发送的所述第一消息完整性计算结果比对,比对正确后,使用生成的所述第二一致性检查密钥对第一网元前向问候消息和终端问候消息进行第二次消息完整性计算产生第三消息完整性计算结果;The terminal uses the second consistency check key to perform message integrity calculation on the terminal hello message and the first network element forward greeting message to generate a second message integrity calculation result, and complete the second message complete The result of the calculation is compared with the result of the first message integrity calculation sent by the first network element. After the comparison is correct, the generated second consistency check key is used to forward the first network element to the greeting message and The second message integrity calculation is performed by the terminal greeting message to generate a third message integrity calculation result;
所述终端使用所述第三一致性检查密钥对所述终端问候消息和接入网元前向问候消息进行消息完整性计算产生第四消息完整性计算结果,将所述第四消息完整性计算结果与接入网元发送的所述接入消息完整性计算结果比对,比对正确后,使用生成的所述第三一致性检查密钥对接入网元前向问候消息和终端问候消息进行消息完整性计算产生第五消息完整性计算结果;The terminal uses the third consistency check key to perform message integrity calculation on the terminal hello message and the access network element forward greeting message to generate a fourth message integrity calculation result, and complete the fourth message complete The result of the calculation is compared with the calculation result of the integrity of the access message sent by the access network element. After the comparison is correct, the third consistency check key is used to access the NE forward greeting message and The terminal hello message performs a message integrity calculation to generate a fifth message integrity calculation result;
将所述第五消息完整性计算结果发送给所述接入网元,并将所述第三消息完整性计算结果通过所述接入网元发送给所述第一网元;Transmitting the fifth message integrity calculation result to the access network element, and sending the third message integrity calculation result to the first network element by using the access network element;
所述接入网元使用所述接入一致性检查密钥对接入网元前向问候消息和终端问候消息进行消息完整性计算产生第六消息完整性计算结果,使用所述第六消息完整性计算结果 验证所述第五消息完整性计算结果,验证成功后,向所述终端发送接入网元鉴权成功消息;The access network element uses the access consistency check key to perform a message integrity calculation on the access NE forward greeting message and the terminal hello message, and generates a sixth message integrity calculation result, using the sixth message complete. Sexual calculation result After the fifth message integrity calculation result is verified, after the verification succeeds, the access network element authentication success message is sent to the terminal;
所述第一网元使用所述第一一致性检查密钥对所述第一网元前向问候消息和终端问候消息进行消息完整性计算产生第七消息完整性计算结果,使用生成的所述第七消息完整性计算结果验证所述第三消息完整性计算结果;验证成功后,所述第一网元通过所述接入网元向所述终端发送第一网元鉴权成功消息。The first network element performs a message integrity calculation on the first network element forward greeting message and the terminal greeting message by using the first consistency check key to generate a seventh message integrity calculation result, and uses the generated The seventh message integrity calculation result verifies the third message integrity calculation result; after the verification is successful, the first network element sends the first network element authentication success message to the terminal by using the access network element.
较佳地,在所述终端的初始认证阶段,所述第二网元向第一网元发送鉴权向量信息,具体包括:Preferably, in the initial authentication phase of the terminal, the second network element sends the authentication vector information to the first network element, which specifically includes:
所述第二网元查找所述终端标识对应的所述终端的交换公钥;The second network element searches for an exchange public key of the terminal corresponding to the terminal identifier;
所述第二网元向查询中心发送所述接入网元问候消息、所述第一网元后向问候消息、所述终端标识和所述终端的交换公钥;Sending, by the second network element, the access NE greeting message, the first network element backward greeting message, the terminal identifier, and the exchange public key of the terminal to the query center;
所述查询中心获取所述第一网元标识对应的第一网元的交换公钥并验证第一网元签名证书,并获取所述接入网元标识对应的接入网元的交换公钥;生成携带第一网元的签名证书及验证结果、终端标识和所述终端的交换公钥的消息,对第一网元后向问候消息和生成的所述消息进行签名,对所述接入网元问候消息进行签名,将所述两个签名、所述第一网元的交换公钥、所述第一网元标识、所述接入网元的交换公钥和所述接入网元标识发送给所述第二网元;Obtaining, by the query center, the exchange public key of the first network element corresponding to the first network element identifier, and verifying the first network element signature certificate, and acquiring the exchange public key of the access network element corresponding to the access network element identifier Generating a message carrying the first network element's signature certificate and the verification result, the terminal identifier, and the exchanged public key of the terminal, and signing the first network element to the hello message and the generated message, for the access The NE greeting message is signed, and the two signatures, the exchange public key of the first network element, the first network element identifier, the exchange public key of the access network element, and the access network element Sending an identifier to the second network element;
所述第二网元使用所述查询中心的签名证书验证签名正确后,向所述第一网元发送鉴权向量信息,所述鉴权向量信息包括:接入网元的交换公钥,第一网元的交换公钥,终端标识,终端的交换公钥,使用第二网元签名私钥对终端问候消息、接入网元的交换公钥和第一网元的交换公钥进行的签名,使用查询中心的签名私钥对接入网元问候消息、终端标识、终端的交换公钥、接入网元的交换公钥和第一网元的交换公钥进行的签名,使用查询中心的签名私钥对第一网元后向问候消息、终端标识和终端的交换公钥进行的签名;After the second network element uses the signature certificate of the query center to verify that the signature is correct, the second network element sends the authentication vector information to the first network element, where the authentication vector information includes: an exchange public key of the access network element, The exchange public key of a network element, the terminal identifier, the exchange public key of the terminal, and the signature of the terminal greeting message, the exchange public key of the access network element, and the exchange public key of the first network element by using the second network element signature private key Using the signature private key of the query center to sign the access NE greeting message, the terminal identifier, the exchange public key of the terminal, the exchange public key of the access network element, and the exchange public key of the first network element, using the query center The signature of the signature private key to the first network element to the hello message, the terminal identifier, and the exchange public key of the terminal;
所述第一网元生成第一临时公私钥对和包含第一网元前向随机数的第一网元前向问候消息之前,该方法还包括:Before the first network element generates the first temporary public-private key pair and the first network element forward greeting message including the first network element forward random number, the method further includes:
所述第一网元使用保存的查询中心的签名证书对第一网元后向问候消息、终端标识和终端的交换公钥的签名进行验证,以便验证成功后,生成第一临时公私钥对和包含第一网元前向随机数的第一网元前向问候消息;The first network element uses the saved certificate of the query center to verify the signature of the first network element to the hello message, the terminal identifier, and the exchange public key of the terminal, so that after the verification succeeds, the first temporary public-private key pair is generated. a first network element forward greeting message including a forward random number of the first network element;
所述接入网元生成接入网元临时公私钥对和包含接入网元前向随机数的接入网元前向问候消息之前,该方法还包括:Before the access network element generates the access network element temporary public-private key pair and the access network element forward greeting message including the forward random number of the access network element, the method further includes:
所述接入网元对接入网元问候消息、终端标识、终端的交换公钥、接入网元的交换公钥和第一网元的交换公钥的签名进行验证,以便验证成功后,生成第一临时公私钥对和包含第一网元前向随机数的第一网元前向问候消息。The access network element verifies the signatures of the access NE greeting message, the terminal identifier, the exchange public key of the terminal, the exchange public key of the access network element, and the exchange public key of the first network element, so that after the verification succeeds, Generating a first temporary public-private key pair and a first network element forward greeting message including a first network element forward random number.
进一步的,所述鉴权向量信息中还包括所述第一网元签名证书及其验证结果,和使用 所述第二网元的签名私钥对所述第一网元签名证书及其验证结果进行的签名,所述终端使用保存的第二网元的签名证书对接收到的鉴权向量信息的签名进行验证成功后,该方法还包括:所述终端获取并保存所述第一网元的签名证书;和/或,所述鉴权向量信息中还包括:所述第一网元签名证书及其验证结果,和使用所述查询中心的签名私钥对所述第一网元签名证书及其验证结果进行的签名;所述接入网元使用查询中心的签名证书进行验证时,该方法还包括:所述接入网元使用保存的所述查询中心的签名证书对所述第一网元签名证书及其验证结果的签名进行验证,验证成功后,保存所述第一网元的签名证书。Further, the authentication vector information further includes the first network element signature certificate and the verification result thereof, and the use Signing of the first network element signature certificate and its verification result by the signature private key of the second network element, the terminal signing the received authentication vector information by using the saved signature certificate of the second network element After the verification is successful, the method further includes: the terminal acquiring and saving the signature certificate of the first network element; and/or, the authentication vector information further includes: the first network element signature certificate and a verification result, and a signature of the first network element signature certificate and the verification result thereof by using the signature private key of the query center; when the access network element uses the signature certificate of the query center for verification, the method further includes The access network element uses the saved signature of the query center to verify the signature of the first network element signature certificate and the verification result thereof. After the verification succeeds, the signature certificate of the first network element is saved.
较佳地,在跟踪区域更新阶段,所述鉴权向量信息包括:Preferably, in the tracking area update phase, the authentication vector information includes:
接入网元的交换公钥,第一网元的交换公钥,终端标识,终端的交换公钥,使用第二网元的签名私钥对终端问候消息、接入网元的交换公钥和第一网元的交换公钥进行的签名,和使用第二网元签名私钥对第一网元后向问候消息、终端标识和终端的交换公钥进行的签名。The exchange public key of the access network element, the exchange public key of the first network element, the terminal identifier, the exchange public key of the terminal, the use of the signature private key of the second network element, the exchange of the terminal, the exchange of the public key of the access network element, and The signature of the exchanged public key of the first network element and the signature of the first network element to the greeting message, the terminal identifier, and the exchange public key of the terminal by using the second network element signature private key.
进一步的,所述鉴权向量信息中还包括第一网元签名证书及其验证结果,和使用所述第二网元的签名私钥对所述第一网元签名证书及其验证结果进行的签名,所述终端使用保存的第二网元的签名证书对接收到的鉴权向量信息的签名进行验证成功后,该方法还包括:所述终端获取并保存所述第一网元的签名证书;和/或,所述鉴权向量信息中还包括所述第一网元签名证书及其验证结果;第一网元向所述接入网元发送所述鉴权向量信息、第一网元密钥交换消息、第一网元前向问候消息和第一消息完整性计算结果时,还向所述接入网元发送使用第一网元签名私钥对第一网元签名证书及其验证结果进行的签名;所述接入网元生成接入网元临时公私钥对和包含接入网元前向随机数的接入网元前向问候消息之前,该方法还包括:所述接入网元使用所述第一网元的签名证书对所述签名进行验证,以便验证成功后,生成接入网元临时公私钥对和包含接入网元前向随机数的接入网元前向问候消息。Further, the authentication vector information further includes a first network element signature certificate and a verification result thereof, and the first network element signature certificate and the verification result thereof are performed by using the signature private key of the second network element. After the terminal successfully verifies the signature of the received authentication vector information by using the saved signature of the second network element, the method further includes: the terminal acquiring and saving the signature certificate of the first network element And/or, the authentication vector information further includes the first network element signature certificate and a verification result thereof; the first network element sends the authentication vector information, the first network element to the access network element When the key exchange message, the first network element forward greeting message, and the first message integrity calculation result, the first network element signature certificate and the verification thereof are sent to the access network element by using the first network element signature private key. a result of the signature; before the access network element generates the access network element temporary public-private key pair and the access network element forward greeting message including the forward random number of the access network element, the method further includes: the accessing The network element uses the first network element The signature certificate verifies the signature, so that after the verification succeeds, the access network element temporary public-private key pair and the access network element forward greeting message including the forward random number of the access network element are generated.
一种终端,包括:A terminal comprising:
鉴权消息发送模块,用于生成第二临时公私钥对,向接入网元发送终端问候消息和终端密钥交换消息,所述终端问候消息包含终端标识和终端随机数,所述终端密钥交换消息包含第二临时公钥;The authentication message sending module is configured to generate a second temporary public-private key pair, and send a terminal greeting message and a terminal key exchange message to the access network element, where the terminal hello message includes a terminal identifier and a terminal random number, and the terminal key The exchange message contains a second temporary public key;
鉴权模块,用于使用保存的第二网元的签名证书对接收到的所述鉴权向量信息中的签名进行验证;An authentication module, configured to verify, by using the saved signature certificate of the second network element, the received signature in the authentication vector information;
密钥生成模块,用于所述鉴权模块验证成功后,利用所述鉴权向量信息、所述终端标识、所述第一临时公钥、终端交换私钥、和所述第二临时私钥生成第二一致性检查密钥,并利用所述鉴权向量信息、所述终端标识、所述接入网元临时公钥、终端交换私钥、和所述第二临时私钥生成第三一致性检查密钥; a key generation module, configured to use the authentication vector information, the terminal identifier, the first temporary public key, the terminal exchange private key, and the second temporary private key after the authentication module succeeds Generating a second consistency check key, and generating a third by using the authentication vector information, the terminal identifier, the access network element temporary public key, the terminal exchange private key, and the second temporary private key Consistency check key;
消息完整性检验模块,用于使用所述第二一致性检查密钥对所述终端问候消息和第一网元前向问候消息进行消息完整性计算产生第二消息完整性计算结果,将所述第二消息完整性计算结果与第一网元发送的所述第一消息完整性计算结果比对,比对正确后,使用生成的所述第二一致性检查密钥对第一网元前向问候消息和终端问候消息进行第二次消息完整性计算产生第三消息完整性计算结果;使用所述第三一致性检查密钥对所述终端问候消息和接入网元前向问候消息进行消息完整性计算产生第四消息完整性计算结果,将所述第四消息完整性计算结果与接入网元发送的所述接入消息完整性计算结果比对,比对正确后,使用生成的所述第三一致性检查密钥对接入网元前向问候消息和终端问候消息进行消息完整性计算产生第五消息完整性计算结果;将所述第五消息完整性计算结果发送给所述接入网元,并将所述第三消息完整性计算结果通过所述接入网元发送给所述第一网元。a message integrity check module, configured to perform a message integrity calculation on the terminal hello message and the first network element forward greeting message by using the second consistency check key to generate a second message integrity calculation result, where The second message integrity calculation result is compared with the first message integrity calculation result sent by the first network element, and after the comparison is correct, the generated second consistency check key is used to match the first network element. Performing a second message integrity calculation on the forward message and the terminal greeting message to generate a third message integrity calculation result; using the third consistency check key to send the terminal greeting message and the access network element forward greeting The message integrity calculation is performed to generate a fourth message integrity calculation result, and the fourth message integrity calculation result is compared with the access message integrity calculation result sent by the access network element, and after the comparison is correct, the message is used. Generating the third consistency check key to generate a fifth message integrity calculation result by performing message integrity calculation on the access network element forward greeting message and the terminal greeting message; Message integrity calculation result is sent to the access network element, to the first network element and the third message is sent via the integrity evaluation result of the access network element.
一种接入网元,包括:An access network element includes:
鉴权消息传输模块,用于接收终端发送的终端问候消息和终端密钥交换消息,所述终端问候消息包含终端标识和终端随机数,所述终端密钥交换消息包含第二临时公钥;向第一网元发送所述终端问候消息、所述终端密钥交换消息和接入网元问候消息,所述接入网元问候消息包含接入网元标识和接入网元后向随机数;The authentication message transmission module is configured to receive a terminal greeting message and a terminal key exchange message sent by the terminal, where the terminal greeting message includes a terminal identifier and a terminal random number, and the terminal key exchange message includes a second temporary public key; The first network element sends the terminal hello message, the terminal key exchange message, and the access network element greeting message, where the access network element greeting message includes an access network element identifier and a backward random number of the access network element;
鉴权模块,用于生成接入网元临时公私钥对和包含接入网元前向随机数的接入网元前向问候消息,利用获得的鉴权向量信息、所述第二临时公钥、所述接入网元交换私钥和所述接入网元临时私钥生成接入一致性检查密钥,使用所述接入一致性检查密钥对所述终端问候消息和接入网元前向问候消息进行完整性计算产生接入消息完整性计算结果,并向终端发送所述鉴权向量信息、包含接入网元临时公钥的接入网元密钥交换消息、所述接入网元前向问候消息、接入消息完整性计算结果、所述第一网元前向问候消息和所述第一消息完整性计算结果;以及使用所述接入一致性检查密钥对接入网元前向问候消息和终端问候消息进行消息完整性计算产生第六消息完整性计算结果,使用所述第六消息完整性计算结果验证终端发送的第五消息完整性计算结果,验证成功后,向所述终端发送接入网元鉴权成功消息。The authentication module is configured to generate an access network element temporary public-private key pair and an access network element forward greeting message including the access network element forward random number, and use the obtained authentication vector information and the second temporary public key The access network element exchange private key and the access network element temporary private key generate an access consistency check key, and use the access consistency check key to the terminal hello message and the access network element. Performing integrity calculation on the forward greeting message to generate an access message integrity calculation result, and transmitting the authentication vector information, the access network element key exchange message including the access network element temporary public key, and the access to the terminal a network element forward greeting message, an access message integrity calculation result, the first network element forward greeting message, and the first message integrity calculation result; and access using the access consistency check key pair The message integrity calculation is performed by the network element forward greeting message and the terminal greeting message to generate a sixth message integrity calculation result, and the sixth message integrity calculation result is used to verify the fifth message integrity calculation result sent by the terminal, and the verification result is verified. After the terminal to access network element transmits the authentication success message.
一种第一网元,包括:A first network element, including:
鉴权消息传输模块,用于接收接入网元发送的终端问候消息、终端密钥交换消息和接入网元问候消息,所述终端问候消息包含终端标识和终端随机数,所述终端密钥交换消息包含第二临时公钥,所述接入网元问候消息包含接入网元标识和接入网元后向随机数;并向第二网元发送所述终端问候消息、所述接入网元问候消息和第一网元后向问候消息,所述第一网元后向问候消息中包含第一网元后向随机数和第一网元签名证书;The authentication message transmission module is configured to receive a terminal greeting message, a terminal key exchange message, and an access network element greeting message sent by the access network element, where the terminal hello message includes a terminal identifier and a terminal random number, and the terminal key The exchange message includes a second temporary public key, where the access network element greeting message includes an access network element identifier and a backward random number of the access network element, and sends the terminal hello message to the second network element, where the access message a network element greeting message and a first network element backward greeting message, where the first network element backwards greeting message includes a first network element, and then a random number and a first network element signature certificate;
鉴权向量信息获取模块,用于获取鉴权向量信息,所述鉴权向量信息中需要终端验证的信息使用第二网元签名私钥进行签名; The authentication vector information acquiring module is configured to obtain the authentication vector information, where the information required to be verified by the terminal in the authentication vector information is signed by using the second network element signature private key;
鉴权模块,用于生成第一临时公私钥对和包含第一网元前向随机数的第一网元前向问候消息,利用获得的鉴权向量信息、所述第二临时公钥、所述第一网元交换私钥和所述第一临时私钥生成第一一致性检查密钥,使用所述第一一致性检查密钥对所述终端问候消息和第一网元前向问候消息进行完整性计算产生第一消息完整性计算结果,并向所述接入网元发送所述鉴权向量信息、包含第一临时公钥的第一网元密钥交换消息、第一网元前向问候消息和第一消息完整性计算结果;以及使用所述第一一致性检查密钥对所述第一网元前向问候消息和终端问候消息进行消息完整性计算产生第七消息完整性计算结果,使用生成的所述第七消息完整性计算结果验证终端发送的第三消息完整性计算结果;验证成功后,所述第一网元通过所述接入网元向所述终端发送第一网元鉴权成功消息。An authentication module, configured to generate a first temporary public-private key pair and a first network element forward greeting message including a first network element forward random number, using the obtained authentication vector information, the second temporary public key, and the Generating a first consistency check key by using the first network element exchange private key and the first temporary private key, and using the first consistency check key to send the terminal greeting message and the first network element forward The hello calculation of the hello message generates a first message integrity calculation result, and sends the authentication vector information, the first network element key exchange message including the first temporary public key, and the first network to the access network element. a meta-forward greeting message and a first message integrity calculation result; and performing a message integrity calculation on the first network element forward greeting message and the terminal greeting message using the first consistency check key to generate a seventh message The integrity calculation result is used to verify the third message integrity calculation result sent by the terminal by using the generated seventh message integrity calculation result; after the verification is successful, the first network element passes the access network element to the terminal Send first Yuan authentication success message.
一种第二网元,包括:A second network element, including:
鉴权向量信息发送模块,用于向第一网元发送鉴权向量信息,所述鉴权向量信息中需要终端验证的信息使用第二网元签名私钥进行签名。The authentication vector information sending module is configured to send the authentication vector information to the first network element, where the information required for the terminal verification in the authentication vector information is signed by using the second network element signature private key.
一种查询中心,包括:A query center that includes:
信息获取模块,用于获取所述第一网元标识对应的第一网元的交换公钥并验证第一网元签名证书,并获取所述接入网元标识对应的接入网元的交换公钥;An information acquiring module, configured to acquire an exchange public key of the first network element corresponding to the first network element identifier, and verify the first network element signature certificate, and obtain an exchange of the access network element corresponding to the access network element identifier Public key
信息发送模块,用于生成携带第一网元的签名证书及验证结果、终端标识和所述终端的交换公钥的消息,对第一网元后向问候消息和生成的所述消息进行签名,对所述接入网元问候消息进行签名,将所述两个签名、所述第一网元的交换公钥、所述第一网元标识、所述接入网元的交换公钥和所述接入网元标识发送给所述第二网元。The information sending module is configured to generate a message carrying the first network element's signature certificate and the verification result, the terminal identifier, and the exchanged public key of the terminal, and sign the first network element back greeting message and the generated message, Signing the access NE greeting message, the two signatures, the exchange public key of the first network element, the first network element identifier, the exchange public key of the access network element, and the The access network element identifier is sent to the second network element.
本申请实施例提供的方法、系统及设备,网络中传递的鉴权向量经过签名私钥签名,鉴权双方使用一致性检查密钥进行消息完整性计算,进而通过对消息完整性计算结果进行验证实现鉴权,保证了鉴权信息在传递过程中的安全性以及鉴权的可靠性。The method, system and device provided by the embodiments of the present application, the authentication vector transmitted in the network is signed by the signature private key, and the authentication parties use the consistency check key to perform message integrity calculation, and then verify the result of the message integrity calculation. The authentication is implemented to ensure the security of the authentication information in the process of transmission and the reliability of authentication.
附图说明DRAWINGS
图1为本申请实施例提供的方法流程图;FIG. 1 is a flowchart of a method provided by an embodiment of the present application;
图2为本申请实施例提供的初始认证阶段鉴权方法信令图;2 is a signaling diagram of an initial authentication phase authentication method provided by an embodiment of the present application;
图3为本申请实施例提供的TAU阶段鉴权方法信令图;FIG. 3 is a signaling diagram of a TAU phase authentication method according to an embodiment of the present application;
图4为本申请实施例提供的系统结构示意图;4 is a schematic structural diagram of a system according to an embodiment of the present application;
图5为本申请实施例提供的终端示意图;FIG. 5 is a schematic diagram of a terminal according to an embodiment of the present application;
图6为本申请实施例提供的接入网元示意图;FIG. 6 is a schematic diagram of an access network element according to an embodiment of the present disclosure;
图7为本申请实施例提供的第一网元示意图;FIG. 7 is a schematic diagram of a first network element according to an embodiment of the present application;
图8为本申请实施例提供的第二网元示意图; FIG. 8 is a schematic diagram of a second network element according to an embodiment of the present application;
图9为本申请实施例提供的查询中心示意图。FIG. 9 is a schematic diagram of a query center according to an embodiment of the present application.
具体实施方式detailed description
为了提高LTE网络鉴权认证过程的安全性,避免鉴权参数在网元之间传递的过程中被窃取或篡改,本申请实施例提供了一种网络鉴权认证的方法,该方法中,网元之间传递的鉴权向量经过签名私钥签名,鉴权双方使用一致性检查密钥进行消息完整性计算,进而通过对消息完整性计算结果进行验证实现鉴权,保证了鉴权信息在传递过程中的安全性以及鉴权的可靠性。In order to improve the security of the LTE network authentication process and avoid the theft or tampering of the authentication parameters in the process of the transmission between the network elements, the embodiment of the present application provides a network authentication authentication method. The authentication vector passed between the elements is signed by the signature private key, and the authentication parties use the consistency check key to perform message integrity calculation, and then verify the message integrity calculation result to ensure the authentication information is transmitted. Security in the process and reliability of authentication.
下面将结合附图,对本申请实施例提供的技术方案进行详细说明。The technical solutions provided by the embodiments of the present application are described in detail below with reference to the accompanying drawings.
本申请实施例提供的一种网络鉴权认证方法如图1所示,具体包括如下操作:A network authentication and authentication method provided by the embodiment of the present application is as shown in FIG. 1 , and specifically includes the following operations:
步骤100、终端生成第二临时公私钥对,向接入网元发送包含终端标识和终端随机数的终端问候(Hello)消息、和包含第二临时公钥的终端密钥交换消息。Step 100: The terminal generates a second temporary public-private key pair, and sends a terminal hello message including a terminal identifier and a terminal random number to the access network element, and a terminal key exchange message including the second temporary public key.
步骤110、接入网元向第一网元发送终端问候消息、终端密钥交换消息和包含接入网元标识和接入网元后向随机数的接入网元问候消息。Step 110: The access network element sends a terminal hello message, a terminal key exchange message, and an access NE greeting message including the access network element identifier and the access network element backward random number to the first network element.
步骤120、第一网元向第二网元发送终端问候消息、接入网元问候消息和包含第一网元后向随机数和第一网元签名证书的第一网元后向问候消息。Step 120: The first network element sends a terminal hello message, an access NE greeting message, and a first network element backward greeting message including the first network element to the random number and the first network element signature certificate to the second network element.
步骤130、第二网元向第一网元发送鉴权向量信息,所述鉴权向量信息中需要发送给终端的信息使用第二网元签名私钥进行签名。Step 130: The second network element sends the authentication vector information to the first network element, where the information that needs to be sent to the terminal in the authentication vector information is signed by using the second network element signature private key.
步骤140、所述第一网元获取所述鉴权向量信息。Step 140: The first network element acquires the authentication vector information.
步骤150、所述第一网元生成第一临时公私钥对和包含第一网元前向随机数的第一网元前向问候消息,利用获取的鉴权向量信息、所述第二临时公钥、所述第一网元交换私钥和所述第一临时私钥生成第一一致性检查密钥,使用所述第一一致性检查密钥对所述终端问候消息和第一网元前向问候消息进行完整性计算产生第一消息完整性计算结果,并向接入网元发送所述鉴权向量信息、包含第一临时公钥的第一网元密钥交换消息和第一网元前向问候消息,以及第一消息完整性计算结果。Step 150: The first network element generates a first temporary public-private key pair and a first network element forward greeting message that includes a first network element forward random number, and uses the obtained authentication vector information, the second temporary public The first consistency check key is generated by the key, the first network element exchange private key, and the first temporary private key, and the terminal greeting message and the first network are used by using the first consistency check key. Performing an integrity calculation on the hello message to generate a first message integrity calculation result, and transmitting the authentication vector information, the first network element key exchange message including the first temporary public key, and the first to the access network element. The NE forward greeting message and the first message integrity calculation result.
步骤160、所述接入网元生成接入网元临时公私钥对和包含接入网元前向随机数的接入网元前向问候消息,利用获取的鉴权向量信息、所述第二临时公钥、所述接入网元交换私钥和所述接入网元临时私钥生成接入一致性检查密钥,使用所述接入一致性检查密钥对所述终端问候消息和接入网元前向问候消息进行完整性计算产生接入消息完整性计算结果,并向终端发送所述鉴权向量信息、包含接入网元临时公钥的接入网元密钥交换消息、接入网元前向问候消息、接入消息完整性计算结果和第一网元前向问候消息,以及第一消息完整性计算结果。 Step 160: The access network element generates an access network element temporary public-private key pair and an access network element forward greeting message including a forward random number of the access network element, and uses the obtained authentication vector information, the second The temporary public key, the access network element exchange private key, and the access network element temporary private key generate an access consistency check key, and use the access consistency check key to greet the terminal with the message The integrity calculation of the incoming message to the hello message generates an access message integrity calculation result, and sends the authentication vector information, the access network element key exchange message including the access network element temporary public key, and the connection to the terminal. The incoming NE forward greeting message, the access message integrity calculation result, and the first network element forward greeting message, and the first message integrity calculation result.
步骤170、所述终端使用保存的第二网元的签名证书对接收到的所述鉴权向量信息中的签名进行验证。Step 170: The terminal verifies the signature in the received authentication vector information by using the saved signature certificate of the second network element.
步骤180、验证成功后,所述终端利用所述鉴权向量信息、所述终端标识、所述第一临时公钥、终端交换私钥、和所述第二临时私钥生成第二一致性检查密钥,并利用所述鉴权向量信息、所述终端标识、所述接入网元临时公钥、终端交换私钥、和所述第二临时私钥生成第三一致性检查密钥。Step 180: After the verification succeeds, the terminal generates the second consistency by using the authentication vector information, the terminal identifier, the first temporary public key, the terminal exchange private key, and the second temporary private key. Checking a key, and generating a third consistency check key by using the authentication vector information, the terminal identifier, the access network element temporary public key, the terminal exchange private key, and the second temporary private key .
步骤190、所述终端使用所述第二一致性检查密钥对终端问候消息和第一网元前向问候消息进行消息完整性计算产生第二消息完整性计算结果,将所述第二消息完整性计算结果与第一网元发送的所述第一消息完整性计算结果比对,比对正确后,使用生成的所述第二一致性检查密钥对第一网元前向问候消息和终端问候消息进行第二次消息完整性计算产生第三消息完整性计算结果。Step 190: The terminal uses the second consistency check key to perform a message integrity calculation on the terminal hello message and the first network element forward greeting message to generate a second message integrity calculation result, where the second message is sent. The integrity calculation result is compared with the first message integrity calculation result sent by the first network element, and after the comparison is correct, the generated second consistency check key is used to forward the first network element forward greeting message. Performing a second message integrity calculation with the terminal hello message produces a third message integrity calculation result.
所述终端使用所述第三一致性检查密钥对终端问候消息和接入网元前向问候消息进行消息完整性计算产生第四消息完整性计算结果,将所述第四消息完整性计算结果与接入网元发送的所述接入消息完整性计算结果比对,比对正确后,使用生成的所述第三一致性检查密钥对接入网元前向问候消息和终端问候消息进行消息完整性计算产生第五消息完整性计算结果。The terminal uses the third consistency check key to perform message integrity calculation on the terminal hello message and the access network element forward greeting message to generate a fourth message integrity calculation result, where the fourth message integrity calculation is performed. The result is compared with the calculation result of the integrity of the access message sent by the access network element. After the comparison is correct, the generated third-party consistency check key is used to access the NE forward greeting message and the terminal greeting. The message integrity calculation calculates a fifth message integrity calculation result.
将所述第五消息完整性计算结果发送给所述接入网元,并将所述第三消息完整性计算结果通过所述接入网元发送给所述第一网元。Transmitting the fifth message integrity calculation result to the access network element, and sending the third message integrity calculation result to the first network element by using the access network element.
步骤1100、所述接入网元使用上述生成的接入一致性检查密钥对接入网元前向问候消息和终端问候消息进行消息完整性计算产生第六消息完整性计算结果,使用生成的所述第六消息完整性计算结果验证终端发送过来的所述第五消息完整性计算结果。Step 1100: The access network element uses the generated access consistency check key to perform a message integrity calculation on the access NE forward greeting message and the terminal hello message to generate a sixth message integrity calculation result, and uses the generated The sixth message integrity calculation result verifies the fifth message integrity calculation result sent by the terminal.
验证成功后,向所述终端发送接入网元鉴权成功消息。After the verification succeeds, the access network element authentication success message is sent to the terminal.
步骤1110、所述第一网元使用上述生成的第一一致性检查密钥对第一网元前向问候消息和终端问候消息进行消息完整性计算产生第七消息完整性计算结果,使用生成的所述第七消息完整性计算结果验证终端发送过来的所述第三消息完整性计算结果。Step 1110: The first network element performs a message integrity calculation on the first network element forward greeting message and the terminal greeting message by using the generated first consistency check key to generate a seventh message integrity calculation result, which is generated by using The seventh message integrity calculation result verifies the third message integrity calculation result sent by the terminal.
验证成功后,所述第一网元通过接入网元向终端发送第一网元鉴权成功消息。After the verification is successful, the first network element sends a first network element authentication success message to the terminal by using the access network element.
如果上述鉴权认证过程应用于LTE网络中的终端初始认证阶段,则所述的接入网元为演进型基站(eNodeB),第一网元为移动性管理实体(MME),所述的第二网元为归属用户服务器(HSS,Home Subscriber Server)。If the authentication authentication process is applied to the initial authentication phase of the terminal in the LTE network, the access network element is an evolved base station (eNodeB), and the first network element is a mobility management entity (MME), where the The second network element is a home subscriber server (HSS, Home Subscriber Server).
如果上述鉴权认证过程应用于LTE网络中跟踪区域更新(TAU,Tracking Area Update)阶段的鉴权认证,则所述的接入网元为eNodeB,第一网元为目标MME,第二网元为服务MME。If the authentication process is applied to the authentication of the Tracking Area Update (TAU) phase in the LTE network, the access network element is an eNodeB, and the first network element is the target MME, and the second network element is To serve the MME.
下面以LTE网络的鉴权认证为例,对本申请实施例提供的方法进行详细说明。 The method provided by the embodiment of the present application is described in detail below by taking the authentication of the LTE network as an example.
为实施本申请提供的技术方案,需要在现网中进行如下部署:To implement the technical solution provided by this application, you need to deploy the following in the live network:
部署证书管理机构(CA)和查询中心(QueC)。Deploy a Certificate Authority (CA) and a Query Center (QueC).
运营商根据组网需求可以针对每个PLMN部署一个QueC,也可以针对各省部署一个或多个QueC。QueC用于保存所辖管理域内的eNodeB的交换公钥heNB、MME的交换公钥hMME和MME的签名证书,并根据其他网元的请求查询所辖的指定管理域的eNodeB的交换公钥heNB、MME的交换公钥hMME和MME的签名证书,或与其他管理域的查询中心交互,获得其他管理域的eNodeB的交换公钥heNB、MME的交换公钥hMME和签名证书。The operator can deploy one QueC for each PLMN according to networking requirements, or deploy one or more QueCs for each province. The QueC is used to store the exchange public key h eNB of the eNodeB in the management domain, the exchange public key h MME of the MME, and the MME's signature certificate, and query the exchanged public key of the eNodeB of the designated management domain under the jurisdiction of the other network element. h eNB, MME exchange the signed certificate and public key h MME MME or interact with other central administrative domain of inquiry, access to other management domains eNodeB to exchange public keys h eNB, MME exchange h MME public key and signed certificate.
各个运营商通过其部署的CA向其部署的LTE网络中的网元颁发证书:Each operator issues a certificate to the network element in its deployed LTE network through its deployed CA:
CA为LTE网络中的网元HSS颁发两张证书,一张为签名证书,签名证书中存放HSS的签名公钥,另一张为加密证书,加密证书存放HSS的加密公钥。在鉴权认证阶段,由HSS中的鉴权中心(AuC)参与鉴权认证处理,可以理解的是,本申请所描述的HSS的签名证书实际为AuC的签名证书,HSS的签名公钥实际为AuC的签名公钥,HSS的加密证书实际为AuC的加密证书,HSS的加密公钥实际为AuC的加密公钥。The CA issues two certificates for the HSS in the LTE network. One is the signature certificate, the signature certificate contains the signature public key of the HSS, and the other is the encryption certificate. The encryption certificate stores the encrypted public key of the HSS. In the authentication and authentication phase, the authentication center (AuC) in the HSS participates in the authentication and authentication process. It can be understood that the signature certificate of the HSS described in this application is actually the signature certificate of the AuC, and the signature public key of the HSS is actually The signature public key of AuC, the encryption certificate of HSS is actually the encryption certificate of AuC, and the encryption public key of HSS is actually the encryption public key of AuC.
CA为MME颁发一张签名证书,签名证书中存放MME的签名公钥。The CA issues a signature certificate to the MME, and the signature certificate stores the signature public key of the MME.
CA为QueC颁发一张签名证书,签名证书中存放QueC的签名公钥。The CA issues a signed certificate to the QueC, and the signed certificate stores the signature public key of the QueC.
LTE网络中的网元MME中存放用于密钥交换的公、私钥对(hMME,PMME),自身的签名证书、签名私钥,并存放QueC的签名证书。The network element MME in the LTE network stores public and private key pairs (h MME , P MME ) for key exchange, its own signature certificate, signature private key, and stores the signature certificate of QueC.
LTE网络中的网元eNodeB中存放用于密钥交换的公、私钥对(heNB,PeNB),并存放QueC的签名证书。The network element eNodeB in the LTE network stores public and private key pairs (h eNB , P eNB ) for key exchange, and stores the signature certificate of the QueC.
终端的全球用户识别单元(USIM,Universal Subscriber Identity Module)卡中存放一个用于密钥交换的公、私钥对(hU,PU)、HSS的加密证书和签名证书。The US Subscriber Identity Unit (USIM) card stores a public and private key pair (h U , P U ), HSS encryption certificate and signature certificate for key exchange.
HSS中存放自身的签名证书、签名私钥,自身的加密证书、加密私钥,并存放QueC的签名证书、和终端的交换公钥hUThe HSS stores its own signature certificate, signature private key, its own encryption certificate, and encryption private key, and stores the signature certificate of QueC and the exchange public key h U of the terminal.
基于上述网络部署,应用本申请实施例提供的方法的初始认证阶段如图2所示,包括如下操作:Based on the foregoing network deployment, the initial authentication phase of applying the method provided by the embodiment of the present application is as shown in FIG. 2, and includes the following operations:
步骤200、终端(UE)生成第二临时公私钥对,向eNodeB发送消息Msg1。Step 200: The terminal (UE) generates a second temporary public-private key pair, and sends a message Msg1 to the eNodeB.
该消息Msg1包括终端问候(UE Hello)消息和终端密钥交换(UE Key)消息,其消息格式可以是:The message Msg1 includes a UE Hello message and a UE Key message, and the message format can be:
Figure PCTCN2015074961-appb-000001
Figure PCTCN2015074961-appb-000001
在初始认证阶段,终端标识可以但不仅限于为终端的国际移动用户识别码(IMSI,International Mobile Subscriber Identification Number)。In the initial authentication phase, the terminal identity may be, but is not limited to, the International Mobile Subscriber Identification Number (IMSI) of the terminal.
可选的,终端可以使用HSS的加密公钥(PKHSS)对终端的IMSI和UE.Nounce进行加密,相应的,UE.ID=(IMSI&0x7FF0,EnC(PKHSS,IMSI,UENounce)),EnC(PKHSS,IMSI,UE.Nounce)表示使用HSS的加密公钥对终端的IMSI和UE.Nounce进行加密。Optionally, the terminal may encrypt the IMSI and the UE.Nounce of the terminal by using an encrypted public key (PK HSS ) of the HSS , and correspondingly, UE.ID=(IMSI&0x7FF0, EnC(PK HSS , IMSI, UENounce)), EnC ( PK HSS , IMSI, UE.Nounce) indicates that the IMSI and UE.Nounce of the terminal are encrypted using the encrypted public key of the HSS.
步骤210、eNodeB收到上述Msg1后,添加信息后发送Msg2给MME。Step 210: After receiving the Msg1, the eNodeB adds the information and sends the Msg2 to the MME.
该消息Msg2包括终端问候(UE Hello)消息、终端密钥交换(UE Key)消息和接入网元问候消息(eNodeB Hello),其消息格式可以是:The message Msg2 includes a terminal hello (UE Hello) message, a terminal key exchange (UE Key) message, and an access network element hello message (eNodeB Hello), and the message format may be:
Figure PCTCN2015074961-appb-000002
Figure PCTCN2015074961-appb-000002
步骤220、MME收到上述Msg2后确定所述终端的HSS。Step 220: After receiving the foregoing Msg2, the MME determines the HSS of the terminal.
如果Msg2中的信息没有使用HSS的加密公钥进行加密,则MME可以根据终端的IMSI确定HSS。如果Msg1中的信息使用HSS的加密公钥进行加密,则MME可以根据IMSI&0x7FF0确定HSS。If the information in Msg2 is not encrypted using the encrypted public key of the HSS, the MME may determine the HSS based on the IMSI of the terminal. If the information in Msg1 is encrypted using the encrypted public key of the HSS, the MME may determine the HSS based on IMSI&0x7FF0.
步骤230、MME向终端的HSS发送消息Msg3。Step 230: The MME sends a message Msg3 to the HSS of the terminal.
该消息Msg3包括所述UE Hello消息、eNodeB Hello消息和MME后向问候(MME Hello)消息,其消息格式可以是:The message Msg3 includes the UE Hello message, the eNodeB Hello message, and the MME Hello message (MME Hello) message, and the message format may be:
Figure PCTCN2015074961-appb-000003
Figure PCTCN2015074961-appb-000003
步骤240、HSS收到Msg3后,查找IMSI对应的hUStep 240: After receiving the Msg3, the HSS searches for the h U corresponding to the IMSI.
具体的,HSS查询其数据库中保存的IMSI与终端的交换公钥的对应关系,获得IMSI对应的hUSpecifically, the HSS queries the correspondence between the IMSI stored in the database and the exchanged public key of the terminal, and obtains the h U corresponding to the IMSI.
如果终端标识是加密的,则HSS在查询数据库之前,使用HSS加密私钥对EnC(PKHSS,IMSI,UE.Nounce1)解密,获得终端的IMSI,然后查询得到终端交换公钥hUIf the terminal identifier is encrypted, the HSS decrypts the EnC (PK HSS , IMSI, UE.Nounce1) using the HSS encrypted private key before querying the database, obtains the IMSI of the terminal, and then queries the terminal to exchange the public key h U .
步骤250、HSS将上述eNodeB Hello消息和MME Hello消息发送给查询中心,并将终端IMSI明文和终端交换公钥hU发送给查询中心。Step 250: The HSS sends the eNodeB Hello message and the MME Hello message to the query center, and sends the terminal IMSI plaintext and the terminal exchange public key h U to the query center.
步骤260、查询中心根据MME的签名证书获得MME标识(MME.ID),查询到对应 的MME的交换公钥(hMME)并验证MME签名证书(MME.Cert),根据eNodeB ID查询eNodeB对应的交换公钥(heNB),生成QUE-AACResp(查询响应消息),所述QUE-AACResp包含MME.CertResult和AS-UE-MME.Keyinfo,MME.CertResult中携带MME的签名证书及验证结果,AS-UE-MME.Keyinfo中携带终端IMSI明文和终端交换公钥,然后查询中心对MME Hello消息和QUE-AACResp进行签名,也对eNodeB Hello消息和QUE-AACResp进行签名,将两个签名、MME的交换公钥、MME标识(MME.ID)、eNodeB的交换公钥和eNodeB标识(eNodeB.ID)一起发给HSS。Step 260: The query center obtains the MME identity (MME.ID) according to the signature certificate of the MME, queries the exchange public key (h MME ) of the corresponding MME , and verifies the MME signature certificate (MME.Cert), and queries the corresponding eNodeB according to the eNodeB ID. The public key (h eNB ) is exchanged to generate a QUE-AACResp (query response message), the QUE-AACResp includes the MME.CertResult and the AS-UE-MME.Keyinfo, and the MME.CertResult carries the MME's signature certificate and the verification result, and the AS - UE-MME.Keyinfo carries the terminal IMSI plaintext and the terminal exchange public key, and then the query center signs the MME Hello message and QUE-AACResp, and also signs the eNodeB Hello message and QUE-AACResp, and two signatures, MME The exchange public key, the MME identity (MME.ID), the exchange public key of the eNodeB, and the eNodeB identity (eNodeB.ID) are sent to the HSS.
可选的,查询中心可以对MME的交换公钥、MME.ID、eNodeB的交换公钥和eNodeB.ID也进行签名,将该签名也发送给HSS。Optionally, the query center may also sign the exchange public key of the MME, the MME.ID, the exchange public key of the eNodeB, and the eNodeB.ID, and send the signature to the HSS.
具体的,如果eNodeB和MME在该查询中心所辖管理域,则该查询中心在其数据库中查找eNodeB和MME的交换公钥和签名证书。如果eNodeB和MME不在该查询中心所辖管理域,则该查询中心通过和其他查询中心的交互获得eNodeB交换公钥和heNB、MME的交换公钥hMME和签名证书。Specifically, if the eNodeB and the MME are in the management domain of the query center, the query center searches the database for the exchange public key and the signing certificate of the eNodeB and the MME. If the eNodeB and the MME are not in the management domain of the query center, the query center obtains the eNodeB exchange public key and the exchange public key h MME and the signature certificate of the h eNB and the MME through interaction with other query centers.
步骤270、HSS使用查询中心的签名证书验证签名正确后,向MME发送消息Msg4。Step 270: After verifying that the signature is correct by using the signature certificate of the query center, the HSS sends a message Msg4 to the MME.
Msg4中携带鉴权向量信息,其消息格式可以是:Msg4 carries authentication vector information, and its message format can be:
Figure PCTCN2015074961-appb-000004
Figure PCTCN2015074961-appb-000004
QUE-eNB.Sig(eNodeB Hello,QUE-AACResp,HSS-UEResP)//使用查询中心的签名私钥进行签名QUE-eNB.Sig (eNodeB Hello, QUE-AACResp, HSS-UEResP) // Signature using the signature private key of the query center
QUE-MME.Sig(MME Hello,QUE-AACResp)//使用查询中心的签名私钥进行签名QUE-MME.Sig(MME Hello, QUE-AACResp)//Signature using the signature private key of the query center
步骤280、MME收到Msg4,使用查询中心的签名证书验证QUE-MME.Sig的签名正确后,表示数据有效。Step 280: After receiving the Msg4, the MME uses the signature certificate of the query center to verify that the signature of the QUE-MME.Sig is correct, indicating that the data is valid.
本申请实施例中,使用查询中心的签名证书验证基于查询中心的签名私钥的签名,具体是指,使用查询中心的签名证书中保存的签名公钥验证基于查询中心的签名私钥的签名。In the embodiment of the present application, the signature of the signature private key of the query center is verified by using the signature certificate of the query center. Specifically, the signature of the signature private key based on the query center is verified by using the signature public key saved in the signature certificate of the query center.
步骤290、MME生成用于密钥交换的第一临时公私钥对(x,xP)和包含第一网元前向随机数的第一网元前向问候消息,利用IMSI、MME.ID、MME交换私钥、第一临时私 钥(x)、终端交换公钥和第二临时公钥(zP)生成第一一致性检查密钥,使用该第一一致性检查密钥对UE_Hello和第一网元前向问候消息进行完整性计算产生第一消息完整性计算结果,并向eNodeB发送消息Msg5。Step 290: The MME generates a first temporary public-private key pair (x, xP) for key exchange and a first network element forward greeting message including a first network element forward random number, using IMSI, MME.ID, and MME. Exchange private key, first temporary private The key (x), the terminal exchange public key, and the second temporary public key (zP) generate a first consistency check key, and use the first consistency check key to perform UE_Hello and the first network element forward greeting message. The integrity calculation produces a first message integrity calculation result and sends a message Msg5 to the eNodeB.
该消息Msg5包括鉴权向量信息、包含第一临时公钥的第一网元密钥交换(MME-UEKey)消息和第一网元前向问候消息(MME-UEHello),以及第一消息完整性计算结果(MMEFinish)。The message Msg5 includes authentication vector information, a first network element key exchange (MME-UEKey) message including a first temporary public key, and a first network element forward greeting message (MME-UEHello), and first message integrity. Calculation result (MMEFinish).
其消息格式如下:The message format is as follows:
Figure PCTCN2015074961-appb-000005
Figure PCTCN2015074961-appb-000005
其中,MME生成第一一致性检查密钥的具体实现方式可以但不仅限于采用以下技术手段实现:The specific implementation manner of the MME to generate the first consistency check key may be, but is not limited to, the following technical means:
将PMME与zP进行点乘计算出第三密钥种子,将hU与x进行点乘计算出第四密钥种子,对所述第三密钥种子和第四密钥种子进行单向运算得到密钥Key;所述MME利用所述Key,IMSI、MME.ID,终端随机数UE.Nounce,MME前向随机数MME-UE.Nounce,生成第一一致性检查密钥IKASME,使用IKASME对Msg1的UEHello和MME生成的MME前向问候消息进行完整性计算得到第一消息完整性计算结果,该完整性算法可采用公知的HMAC函数或密码函数实现,后面描述的完整性计算应采用与该步骤相同的完整性算法。Calculating a third key seed by multiplying P MME and zP, multiplying h U and x to calculate a fourth key seed, and performing one-way operation on the third key seed and the fourth key seed Obtaining a key Key; the MME generates a first consistency check key IK ASME by using the Key, IMSI, MME.ID, terminal random number UE.Nounce, MME forward random number MME-UE.Nounce, using The IK ASME performs integrity calculation on the UEHello of the Msg1 and the MME forward greeting message generated by the MME to obtain a first message integrity calculation result, and the integrity algorithm may be implemented by using a well-known HMAC function or a cryptographic function, and the integrity calculation described later should be Use the same integrity algorithm as this step.
即采用DH密钥交换算法,对终端和MME的交换公私钥和临时公私钥进行点乘后哈希运算获得密钥Key,Key=Hash(hUx||PMMEzP),再使用密钥导出函数KDF(Key,IMSI、MME标识MME.ID,终端随机数UE.Nounce,MME前向随机数MME-UE.Nounce)分别产生3GPP规范定义的第一一致性检查密钥(IKASME)、KASME,然后按照3GPP定义的密钥扩展方法进行扩展。That is, the DH key exchange algorithm is used, and the exchange public key and the temporary public private key of the terminal and the MME are subjected to dot multiplication and then hashed to obtain the key Key, Key=Hash(h U x||P MME zP), and then the key is used. The derived function KDF (Key, IMSI, MME identifier MME.ID, terminal random number UE.Nounce, MME forward random number MME-UE.Nounce) respectively generate a first consistency check key (IK ASME ) defined by the 3GPP specification K ASME is then extended according to the key extension method defined by 3GPP.
步骤2100、eNodeB收到消息,使用查询中心的签名证书验证QUE-eNB.Sig的签名正确后,保存MME的签名证书。eNodeB生成用于密钥交换的接入网元临时公私钥对(y,yP)和包含接入网元前向随机数的接入网元前向问候消息,利用IMSI、eNodeB.ID、eNodeB 交换私钥、接入网元临时私钥(y)、终端交换公钥和第二临时公钥(zP)生成接入一致性检查密钥,使用该接入一致性检查密钥对UE_Hello和接入网元前向问候消息进行完整性计算生成接入消息完整性计算结果,并向终端发送消息Msg6。Step 2100: After receiving the message, the eNodeB uses the signature certificate of the query center to verify that the signature of the QUE-eNB.Sig is correct, and saves the signature certificate of the MME. The eNodeB generates an access network element temporary public-private key pair (y, yP) for key exchange and an access network element forward greeting message including the access network element forward random number, using IMSI, eNodeB.ID, eNodeB The exchange private key, the access network temporary private key (y), the terminal exchange public key, and the second temporary public key (zP) generate an access consistency check key, and use the access consistency check key pair UE_Hello to connect The integrity calculation of the incoming message to the hello message generates an access message integrity calculation result, and sends a message Msg6 to the terminal.
该消息Msg6包括鉴权向量信息、包含第一临时公钥的第一网元密钥交换(MME-UEKey)消息和第一网元前向问候消息(MME-UEHello),以及第一完整性计算结果(MMEFinish),还有包含接入网元临时公钥的接入网元密钥交换(eNodeB-UEKey)消息和接入网元前向问候消息(eNodeB-UEHello),以及接入消息完整性计算结果(eNodeBFinish)。The message Msg6 includes authentication vector information, a first network element key exchange (MME-UEKey) message including a first temporary public key, and a first network element forward greeting message (MME-UEHello), and a first integrity calculation. The result (MMEFinish), there is also an access network element key exchange (eNodeB-UEKey) message including the access network element temporary public key and the access network element forward greeting message (eNodeB-UEHello), and access message integrity. Calculate the result (eNodeBFinish).
其消息格式如下:The message format is as follows:
Figure PCTCN2015074961-appb-000006
Figure PCTCN2015074961-appb-000006
其中,eNodeB生成接入一致性检查密钥的具体实现方式与MME相同,只是将MME的信息换为eNodeB信息,产生IKeNB、KeNB,NKeNB,按照3GPP定义的密钥扩展方法进行扩展。The specific implementation manner of the eNodeB to generate the access consistency check key is the same as that of the MME, but the MME information is replaced by the eNodeB information, and the IKeNB, the KeNB, and the NKeNB are generated, and extended according to the key extension method defined by the 3GPP.
步骤2110、终端收到消息Msg6,使用HSS的签名证书验证HSS-UE.Sig,验证成功后利用Msg6中的信息、IMSI、第一临时公钥(xP)、终端交换私钥和第二临时私钥(z)生成第二一致性检查密钥,使用该第二一致性检查密钥对UE_Hello和第一网元前向问候消息进行完整性计算产生第二消息完整性计算结果,将第二消息完整性计算结果与MME发送的第一消息完整性计算结果进行比对,比对正确后,使用生成的第二一致性检查密钥对第一网元前向问候消息和UE_Hello进行第二次消息完整性计算产生第三消息完整性计算结果。Step 2110: The terminal receives the message Msg6, and uses the HSS signature certificate to verify the HSS-UE.Sig. After the verification succeeds, the information in the Msg6, the IMSI, the first temporary public key (xP), the terminal exchange private key, and the second temporary private are utilized. The key (z) generates a second consistency check key, and uses the second consistency check key to perform integrity calculation on the UE_Hello and the first network element forward greeting message to generate a second message integrity calculation result, which will be The second message integrity calculation result is compared with the first message integrity calculation result sent by the MME. After the comparison is correct, the first network element forward greeting message and the UE_Hello are performed by using the generated second consistency check key. The secondary message integrity calculation produces a third message integrity calculation result.
终端利用Msg6中的信息、IMSI、接入网元临时公钥(yP)、终端交换私钥和第二临时私钥(z)生成第三一致性检查密钥,使用该第三一致性检查密钥对UE_Hello和eNodeB 前向问候消息进行完整性计算产生第四消息完整性计算结果,将第四消息完整性计算结果与eNodeB发送的接入完整性计算结果进行比对,比对正确后,使用生成的第三一致性检查密钥对eNodeB前向问候消息和UE Hello进行消息完整性计算产生第五消息完整性计算结果。The terminal generates a third consistency check key by using the information in the Msg6, the IMSI, the access network temporary public key (yP), the terminal exchange private key, and the second temporary private key (z), and uses the third consistency. Check key pair UE_Hello and eNodeB The integrity calculation of the forward greeting message generates a fourth message integrity calculation result, and compares the fourth message integrity calculation result with the access integrity calculation result sent by the eNodeB. After the comparison is correct, the generated third one is used. The certificate check key generates a fifth message integrity calculation result for the eNodeB forward greeting message and the UE Hello message integrity calculation.
终端向eNodeB发送Msg7。The terminal sends Msg7 to the eNodeB.
其中,终端两次进行消息完整性计算时输入字段的顺序不同。例如,第一次进行消息完整性计算时,首先输入第一网元前向问候消息,然后输入UE Hello;第二次进行消息完整性计算时,首先输入UE_Hello,然后输入第一网元前向问候消息。The order of input fields is different when the terminal performs message integrity calculation twice. For example, when performing the message integrity calculation for the first time, first input the first network element forward greeting message, and then input the UE Hello; when performing the second message integrity calculation, first input UE_Hello, and then input the first network element forward. Greeting message.
该消息Msg7的消息格式如下:The message format of the message Msg7 is as follows:
Figure PCTCN2015074961-appb-000007
Figure PCTCN2015074961-appb-000007
其中,终端利用Msg6中的信息、IMSI、xP、终端交换私钥和z生成第二一致性检查密钥的具体实现方式可以但不仅限于采用以下技术手段实现:The specific implementation manner in which the terminal uses the information in the Msg6, the IMSI, the xP, the terminal exchange private key, and the z to generate the second consistency check key may be, but is not limited to, the following technical means:
将PU与xP进行点乘计算出第一密钥种子,将hMME与z进行点乘计算出第二密钥种子,对所述第一密钥种子和第二密钥种子进行单向运算得到密钥Key;所述终端利用所述Key,IMSI、MME标识MME.ID,终端随机数UE.Nounce,MME前向随机数MME-UE.Nounce,生成第二一致性检查密钥IKASMECalculating the first key seed by multiplying P U and xP, multiplying h MME and z to calculate a second key seed, and performing one-way operation on the first key seed and the second key seed Obtaining a key Key; the terminal uses the Key, the IMSI, the MME to identify the MME.ID, the terminal random number UE.Nounce, and the MME forward random number MME-UE.Nounce to generate a second consistency check key IK ASME .
进一步的,终端还保存CertMME。Further, the terminal also saves CertMME.
终端利用Msg6中的信息、IMSI、yP、终端交换私钥和z生成第三一致性检查密钥的具体实现方式可以但不仅限于采用以下技术手段实现:The specific implementation manner in which the terminal uses the information in the Msg6, the IMSI, the yP, the terminal exchange private key, and the z to generate the third consistency check key may be, but is not limited to, the following technical means:
将PU与yP进行点乘计算出第五密钥种子,将heNodeB与z进行点乘计算出第六密钥种子,对所述第五密钥种子和第六密钥种子进行单向运算得到密钥Key;所述终端利用所述Key,IMSI、eNodeB.ID,终端随机数UE.Nounce,eNodeB前向随机数eNodeB-UE.Nounce,生成第三一致性检查密钥IKeNBCalculating the fifth key seed by multiplying P U and yP, multiplying the h eNodeB and z to calculate a sixth key seed, and performing a one-way operation on the fifth key seed and the sixth key seed. Obtaining a key Key; the terminal generates a third consistency check key IK eNB by using the Key, IMSI, eNodeB. ID, terminal random number UE.Nounce, and eNodeB forward random number eNodeB-UE.Nounce.
步骤2120、eNodeB收到Msg7后,使用接入一致性检查密钥IKeNB对eNodeB前向问候消息和UE_Hello进行完整性计算产生第六消息完整性计算结果,与Msg7的UE-eNodeB.Mic进行比对验证,验证正确,发送Msg8到MME。Step 2120: After receiving the Msg7, the eNodeB uses the access consistency check key IK eNB to perform an integrity calculation on the eNodeB forward hello message and the UE_Hello to generate a sixth message integrity calculation result, which is compared with the UE-eNodeB.Mic of the Msg7. For verification, verify correctly, send Msg8 to MME.
其消息格式如下:The message format is as follows:
UE-MMEFinish         //UE对MME的结束信息 UE-MMEFinish // UE end information to the MME
步骤2130、MME收到Msg8后,使用第一一致性检查密钥IKASME对MME前向问候消息和UE_Hello进行完整性计算产生第七消息完整性计算结果,与Msg7的UE-MME.Mic进行比对验证。Step 2130: After receiving the Msg8, the MME performs the seventh message integrity calculation result by performing the integrity calculation on the MME forward greeting message and the UE_Hello using the first consistency check key IK ASME , and performs the UE-MME.Mic with the Msg7. Alignment verification.
步骤2140、MME通过eNodeB向UE发送Msg9。Step 2140: The MME sends the Msg9 to the UE by using the eNodeB.
如果Msg7验证正确,Msg9是鉴权成功消息,否则是失败消息。If Msg7 is verified correctly, Msg9 is an authentication success message, otherwise it is a failure message.
基于上述网络部署,应用本申请实施例提供的方法的TAU阶段如图3所示,包括如下操作:Based on the foregoing network deployment, the TAU stage of the method provided by the embodiment of the present application is as shown in FIG. 3, and includes the following operations:
步骤300、UE生成第二临时公私钥对,向网络传送Msg1。Step 300: The UE generates a second temporary public-private key pair, and transmits Msg1 to the network.
该Msg1的消息格式如下:The message format of the Msg1 is as follows:
Figure PCTCN2015074961-appb-000008
Figure PCTCN2015074961-appb-000008
TAU阶段,全球唯一临时标识(GUTI,Globally Unique Temporary Identity)即UE.ID。In the TAU phase, the Globally Unique Temporary Identity (GUTI) is the UE.ID.
步骤310、eNodeB收到上述Msg1后,添加信息后发送Msg2给目标MME。Step 310: After receiving the Msg1, the eNodeB adds the information and sends the Msg2 to the target MME.
该消息Msg2包括终端问候(UE Hello)消息、终端密钥交换(UE Key)消息和eNodeB问候消息(eNodeB Hello)、接入网元密钥交换(eNodeBkey),其消息格式可以是:The message Msg2 includes a terminal hello (UE Hello) message, a terminal key exchange (UE Key) message, and an eNodeB hello message (eNodeB Hello), and an access network element key exchange (eNodeBkey). The message format may be:
Figure PCTCN2015074961-appb-000009
Figure PCTCN2015074961-appb-000009
步骤320、目标MME(MMEn)收到Msg2后,根据GUTI确定当前服务的MME(MMEo),并向MMEo发送Msg3。Step 320: After receiving the Msg2, the target MME (MMEn) determines the currently served MME (MMEo) according to the GUTI, and sends the Msg3 to the MMEo.
该Msg3的消息格式如下:The message format of the Msg3 is as follows:
Figure PCTCN2015074961-appb-000010
Figure PCTCN2015074961-appb-000010
Figure PCTCN2015074961-appb-000011
Figure PCTCN2015074961-appb-000011
步骤330、MMEo接收Msg3,向MMEn返回Msg4。In step 330, MMEo receives Msg3 and returns Msg4 to MMEn.
该Msg4的消息格式如下:The message format of the Msg4 is as follows:
Figure PCTCN2015074961-appb-000012
Figure PCTCN2015074961-appb-000012
其中MMEn.CertResult包含CertMMEn及其验证结果,AS-MME-UE.Keyinfo包含MMEn交换公钥hMMEn,AS-UE-MME包含终端交换公钥hu和终端标识。The MMEn.CertResult includes the CertMMEn and the verification result thereof, and the AS-MME-UE.Keyinfo includes the MMEn exchange public key h MMEn , and the AS-UE-MME includes the terminal exchange public key hu and the terminal identifier.
步骤340、MMEn收到Msg4,得到hUStep 340, MMEn receives Msg4, and obtains h U .
由于MMEn信任MMEo,它们之间的通信信道是受保护的,因此不需要对MMEo发送的信息进行签名验证即可使用。Since the MMEn trusts the MMEo, the communication channel between them is protected, so that it is not necessary to perform signature verification on the information sent by the MMEo.
步骤350、MMEn生成用于密钥交换的第一临时公私钥对(x,xP)和包含MMEn前向随机数的MMEn前向问候消息,利用UE.ID、MMEn.ID、MMEn交换私钥、第一临时私钥、终端交换公钥和第二临时公钥生成第一一致性检查密钥,使用该一致性检查密钥对UE_Hello和MMEn前向问候消息进行完整性计算产生第一消息完整性计算结果,并向eNodeB发送Msg5。Step 350: The MMEn generates a first temporary public-private key pair (x, xP) for key exchange and an MMEn forward greeting message including an MMEn forward random number, and exchanges a private key by using UE.ID, MMEn.ID, and MMEn. The first temporary private key, the terminal exchange public key, and the second temporary public key generate a first consistency check key, and use the consistency check key to perform integrity calculation on the UE_Hello and MMEn forward greeting messages to generate a first message complete. Sexually calculate the result and send Msg5 to the eNodeB.
该Msg5的消息结构如下:The message structure of the Msg5 is as follows:
Figure PCTCN2015074961-appb-000013
Figure PCTCN2015074961-appb-000013
MMEn-UE.Mic(UE Hello,MMEn-UEHello)//携带第一消息完整性计算结果,括号中字段顺序不能变MMEn-UE.Mic (UE Hello, MMEn-UEHello)// carries the first message integrity calculation result, and the field order in parentheses cannot be changed.
Figure PCTCN2015074961-appb-000014
Figure PCTCN2015074961-appb-000014
Figure PCTCN2015074961-appb-000015
Figure PCTCN2015074961-appb-000015
其中,一致性检查密钥及完整性计算的具体实现方式可以参照上述实施例的描述,这里不再赘述。For a specific implementation manner of the consistency check key and the integrity calculation, refer to the description of the foregoing embodiment, and details are not described herein again.
步骤360、eNodeB验证MMEn的签名正确后,eNodeB生成用于密钥交换的接入网元临时公私钥对(y,yP)和包含eNodeB前向随机数的eNodeB前向问候消息,利用UE.ID、MMEn.ID、MMEn交换私钥、接入网元临时私钥、终端交换公钥和第二临时公钥生成接入一致性检查密钥,使用该接入一致性检查密钥对UE_Hello和eNodeB前向问候消息进行完整性计算产生接入消息完整性计算结果,并向UE发送Msg6。Step 360: After the eNodeB verifies that the signature of the MMEn is correct, the eNodeB generates an access network element temporary public-private key pair (y, yP) for key exchange and an eNodeB forward greeting message including an eNodeB forward random number, using the UE.ID. And the MMEn.ID, the MMEn exchange private key, the access network temporary private key, the terminal exchange public key, and the second temporary public key generate an access consistency check key, and use the access consistency check key pair UE_Hello and eNodeB The integrity calculation of the forward greeting message generates an access message integrity calculation result and sends Msg6 to the UE.
该Msg6的消息结构如下:The message structure of the Msg6 is as follows:
Figure PCTCN2015074961-appb-000016
Figure PCTCN2015074961-appb-000016
步骤370、UE收到消息Msg6,使用保存的MMEo的签名证书验证MMEo-UE.Sig,验证成功后,利用Msg6中的信息、GUTI、第一临时公钥(xP)、终端交换私钥和第二临时私钥(z)生成第二一致性检查密钥。Step 370: The UE receives the message Msg6, and uses the saved MMEo's signature certificate to verify the MMEo-UE.Sig. After the verification succeeds, the information in the Msg6, the GUTI, the first temporary public key (xP), the terminal exchange private key, and the first The second temporary private key (z) generates a second consistency check key.
终端利用Msg6中的信息、GUTI、接入网元临时公钥(yP)、终端交换私钥和第二临时私钥(z)生成第三一致性检查密钥。The terminal generates a third consistency check key by using the information in the Msg6, the GUTI, the access network element temporary public key (yP), the terminal exchange private key, and the second temporary private key (z).
生成一致性密钥的具体实现方式可以参照上述实施例的描述,这里不再赘述。For a specific implementation manner of generating a consistency key, refer to the description of the foregoing embodiment, and details are not described herein again.
进一步的,终端将保存CertMMEn。Further, the terminal will save CertMMEn.
步骤380、UE使用该第二一致性检查密钥对MMEn前向问候消息和UE Hello进行完整性计算产生第二消息完整性计算结果,将第二消息完整性计算结果与MMEn发送的第一消息完整性计算结果进行比对,比对正确后,使用生成的第二一致性检查密钥对MMEn前向问候消息和UE Hello进行第二次消息完整性计算产生第三消息完整性计算结果,向 MMEn发送Msg7。Step 380: The UE uses the second consistency check key to perform integrity calculation on the MMEn forward hello message and the UE Hello, and generates a second message integrity calculation result, and sends the second message integrity calculation result to the first sent by the MMEn. The result of the message integrity calculation is compared. After the comparison is correct, the second message integrity calculation result is generated by using the generated second consistency check key to perform the second message integrity calculation on the MMEn forward greeting message and the UE Hello. To MMEn sends Msg7.
该Msg7的消息格式如下:The message format of the Msg7 is as follows:
Figure PCTCN2015074961-appb-000017
Figure PCTCN2015074961-appb-000017
消息完整性计算的具体实现方式可以参照上述实施例的描述,这里不再赘述。For a specific implementation manner of the message integrity calculation, reference may be made to the description of the foregoing embodiment, and details are not described herein again.
步骤390、eNodeB收到Msg7后,使用接入一致性检查密钥IKeNB对MMEn前向问候消息和UE-Hello进行完整性计算产生第六消息完整性计算结果,与Msg7的UE-eNodeB.Mic进行比对验证,验证正确后,发送Msg8到MMEn。Step 390: After receiving the Msg7, the eNodeB uses the access consistency check key IK eNB to perform the sixth message integrity calculation result on the MMEn forward hello message and the UE-Hello integrity calculation result, and the UE-eNodeB.Mic of the Msg7 After performing the comparison verification, after verifying correctly, send Msg8 to MMEn.
其消息格式如下:The message format is as follows:
UE-MMEnFinish        //UE结束信息UE-MMEnFinish // UE end information
其中,eNodeB生成接入一致性检查密钥的具体实现方式与前实施例相同,产生IKeNB、KeNB,NKeNB,按照3GPP定义的密钥扩展方法进行扩展。The specific implementation manner of the eNodeB to generate the access consistency check key is the same as that in the previous embodiment, and the IK eNB , the K eNB , and the NK eNB are generated, and extended according to the key extension method defined by the 3GPP.
步骤3100、MMEn收到Msg8后,使用第一一致性检查密钥IKASME对MMEn前向问候消息和UE-Hello进行完整性计算产生第七消息完整性计算结果,与Msg8的UE-MMEn.Mic进行比对验证。Step 3100: After receiving the Msg8, the MMEn uses the first consistency check key IK ASME to perform an integrity calculation on the MMEn forward hello message and the UE-Hello to generate a seventh message integrity calculation result, and the UE-MMEn of the Msg8. Mic performs verification verification.
步骤3100的具体实现方式可以但不仅限于:计算Key=Hash(hUx||PMMEnzP),使用密钥导出函数KDF(Key,GUTI、MMEn标识MMEn.ID,终端随机数UE-MMEn.Nounce,MMEn随机数MMEn-UE.Nounce)产生IKASME、KASME,根据MIC(IKASME)验证Msg5的MIC值正确后,使用3GPP定义的的密钥体系进行扩展。The specific implementation of the step 3100 may be: but not limited to: calculating Key=Hash(h U x||P MMEn zP), using a key derivation function KDF (Key, GUTI, MMEn identifier MMEn.ID, terminal random number UE-MMEn. Nounce, MMEn random number MMEn-UE.Nounce) generates IK ASME , K ASME , and verifies that the MIC value of Msg5 is correct according to MIC (IK ASME ), and then expands using the key system defined by 3GPP.
步骤3110、MMEn向eNodeB和终端发送Msg9。Step 3110: The MMEn sends the Msg9 to the eNodeB and the terminal.
如果Msg8验证正确,Msg9是鉴权成功消息,否则是失败消息。If Msg8 is verified correctly, Msg9 is an authentication success message, otherwise it is a failure message.
基于与方法同样的发明构思,本申请实施例还提供一种网络鉴权认证的系统,其结构如图4所示,具体包括:接入网元400、第一网元401、第二网元402、和终端403。各个设备的工作原理及相互间的配合实施如上述各方法实施例的描述,这里不再赘述。Based on the same inventive concept as the method, the embodiment of the present application further provides a system for network authentication and authentication, and the structure thereof is as shown in FIG. 4, which specifically includes: an access network element 400, a first network element 401, and a second network element. 402, and terminal 403. The working principle of each device and the cooperation between the two are implemented as described in the foregoing method embodiments, and are not described here.
本申请实施例提供的系统,网络中传递的鉴权向量经过签名私钥签名,鉴权双方使用一致性检查密钥进行消息完整性计算,进而通过对消息完整性计算结果进行验证实现鉴权,保证了鉴权信息在传递过程中的安全性以及鉴权的可靠性。In the system provided by the embodiment of the present application, the authentication vector transmitted in the network is signed by the signature private key, and the authentication parties use the consistency check key to perform message integrity calculation, and then perform authentication by verifying the message integrity calculation result. The security of the authentication information in the delivery process and the reliability of the authentication are guaranteed.
基于与方法同样的发明构思,本申请实施例还提供一种终端,其结构如图5所示,具体包括:鉴权消息发送模块501、鉴权模块502、密钥生成模块503、和消息完整性检验模 块504。其中:Based on the same inventive concept as the method, the embodiment of the present application further provides a terminal, and the structure thereof is as shown in FIG. 5, which specifically includes: an authentication message sending module 501, an authentication module 502, a key generation module 503, and a message complete. Sex test Block 504. among them:
鉴权消息发送模块501,用于生成第二临时公私钥对,向接入网元发送终端问候消息和终端密钥交换消息,所述终端问候消息包含终端标识和终端随机数,所述终端密钥交换消息包含第二临时公钥;The authentication message sending module 501 is configured to generate a second temporary public-private key pair, and send a terminal greeting message and a terminal key exchange message to the access network element, where the terminal hello message includes a terminal identifier and a terminal random number, and the terminal confidentiality The key exchange message includes a second temporary public key;
鉴权模块502,用于使用保存的第二网元的签名证书对接收到的鉴权向量信息的签名进行验证;The authentication module 502 is configured to verify the signature of the received authentication vector information by using the saved signature certificate of the second network element.
密钥生成模块503,用于所述鉴权模块502验证成功后,利用所述鉴权向量信息、所述终端标识、所述第一临时公钥、终端交换私钥、和所述第二临时私钥生成第二一致性检查密钥,并利用所述鉴权向量信息、所述终端标识、所述接入网元临时公钥、终端交换私钥、和所述第二临时私钥生成第三一致性检查密钥;The key generation module 503 is configured to use the authentication vector information, the terminal identifier, the first temporary public key, the terminal exchange private key, and the second temporary after the authentication module 502 successfully verifies The private key generates a second consistency check key, and generates the authentication vector information, the terminal identifier, the access network element temporary public key, the terminal exchange private key, and the second temporary private key. Third consistency check key;
消息完整性检验模块504,用于使用所述第二一致性检查密钥对所述终端问候消息和第一网元前向问候消息进行消息完整性计算产生第二消息完整性计算结果,将所述第二消息完整性计算结果与第一网元发送的所述第一消息完整性计算结果比对,比对正确后,使用生成的所述第二一致性检查密钥对第一网元前向问候消息和终端问候消息进行第二次消息完整性计算产生第三消息完整性计算结果;使用所述第三一致性检查密钥对所述终端问候消息和接入网元前向问候消息进行消息完整性计算产生第四消息完整性计算结果,将所述第四消息完整性计算结果与接入网元发送的所述接入消息完整性计算结果比对,比对正确后,使用生成的所述第三一致性检查密钥对接入网元前向问候消息和终端问候消息进行消息完整性计算产生第五消息完整性计算结果;将所述第五消息完整性计算结果发送给所述接入网元,并将所述第三消息完整性计算结果通过所述接入网元发送给所述第一网元。The message integrity check module 504 is configured to generate a second message integrity calculation result by performing message integrity calculation on the terminal hello message and the first network element forward greeting message by using the second consistency check key, The second message integrity calculation result is compared with the first message integrity calculation result sent by the first network element, and after the comparison is correct, the generated second consistency check key is used to the first network. Performing a second message integrity calculation on the second message integrity calculation to the hello greeting message and the terminal greeting message; using the third consistency check key to the terminal greeting message and accessing the network element forward The message integrity calculation is performed to generate a fourth message integrity calculation result, and the fourth message integrity calculation result is compared with the access message integrity calculation result sent by the access network element, and after the comparison is correct, Performing a message integrity calculation on the access network element forward greeting message and the terminal greeting message by using the generated third consistency check key to generate a fifth message integrity calculation result; Five message integrity calculation result is sent to the access network element, the integrity of the calculation result and the third message sent by the access network element to said first network element.
较佳地,所述鉴权向量信息中包括所述第一网元签名证书及其验证结果,和使用所述第二网元的签名私钥对所述第一网元签名证书及其验证结果进行的签名,所述终端还包括:签名证书保存模块,用于在所述鉴权模块验证成功后,获取并保存所述第一网元的签名证书。Preferably, the authentication vector information includes the first network element signature certificate and a verification result thereof, and the first network element signature certificate and the verification result thereof by using the signature private key of the second network element And performing the signature, the terminal further includes: a signature certificate saving module, configured to acquire and save the signature certificate of the first network element after the authentication module succeeds in verifying.
较佳地,所述密钥生成模块具体用于:对所述鉴权向量信息中的终端随机数进行验证,当验证成功后,将终端交换私钥与第一临时公钥进行点乘计算出第一密钥种子,将第一网元交换公钥与第二临时私钥进行点乘计算出第二密钥种子,对所述第一密钥种子和所述第二密钥种子进行单向运算得到第一密钥;利用所述第一密钥、终端标识、第一网元标识、第一网元前向随机数、和终端随机数,生成第二一致性检查密钥;对所述鉴权向量信息中的终端随机数进行验证,当验证成功后,将终端交换私钥与接入网元临时公钥进行点乘计算出第五密钥种子,将接入网元交换公钥与第二临时私钥进行点乘计算出第六密钥种子,对所述第五密钥种子和所述第六密钥种子进行单向运算得到第二密钥;利用所述第二密 钥、终端标识、接入网元标识、接入网元前向随机数、和终端随机数,生成第三一致性检查密钥。Preferably, the key generation module is configured to: verify the terminal random number in the authentication vector information, and perform point multiplication on the terminal exchange private key and the first temporary public key after the verification is successful. a first key seed, performing a point multiplication of the first network element exchange public key and the second temporary private key to calculate a second key seed, and performing one-way on the first key seed and the second key seed Calculating a first key; generating a second consistency check key by using the first key, the terminal identifier, the first network element identifier, the first network element forward random number, and the terminal random number; The terminal random number in the authentication vector information is verified. After the verification is successful, the terminal exchange private key is multiplied by the access network element temporary public key to calculate a fifth key seed, and the access network element exchanges the public key. Calculating a sixth key seed by performing dot multiplication with the second temporary private key, performing a one-way operation on the fifth key seed and the sixth key seed to obtain a second key; using the second secret The key, the terminal identifier, the access network element identifier, the forward random number of the access network element, and the terminal random number generate a third consistency check key.
基于与方法同样的发明构思,本申请实施例还提供一种接入网元,其结构如图6所示,具体包括:Based on the same inventive concept as the method, the embodiment of the present application further provides an access network element, and the structure thereof is as shown in FIG.
鉴权消息传输模块601,用于接收终端发送的终端问候消息和终端密钥交换消息,所述终端问候消息包含终端标识和终端随机数,所述终端密钥交换消息包含第二临时公钥;向第一网元发送所述终端问候消息、所述终端密钥交换消息和接入网元问候消息,所述接入网元问候消息包含接入网元标识和接入网元后向随机数;The authentication message transmission module 601 is configured to receive a terminal hello message and a terminal key exchange message sent by the terminal, where the terminal hello message includes a terminal identifier and a terminal random number, and the terminal key exchange message includes a second temporary public key; Sending, by the first network element, the terminal hello message, the terminal key exchange message, and the access network element greeting message, where the access network element greeting message includes an access network element identifier and a backward random number of the access network element ;
鉴权模块602,用于生成接入网元临时公私钥对和包含接入网元前向随机数的接入网元前向问候消息,利用获得的鉴权向量信息、所述第二临时公钥、所述接入网元交换私钥和所述接入网元临时私钥生成接入一致性检查密钥,使用所述接入一致性检查密钥对所述终端问候消息和接入网元前向问候消息进行完整性计算产生接入消息完整性计算结果,并向终端发送所述鉴权向量信息、包含接入网元临时公钥的接入网元密钥交换消息、所述接入网元前向问候消息、接入消息完整性计算结果、所述第一网元前向问候消息和所述第一消息完整性计算结果;以及使用所述接入一致性检查密钥对接入网元前向问候消息和终端问候消息进行消息完整性计算产生第六消息完整性计算结果,使用所述第六消息完整性计算结果验证终端发送的第五消息完整性计算结果,验证成功后,向所述终端发送接入网元鉴权成功消息。The authentication module 602 is configured to generate an access network element temporary public-private key pair and an access network element forward greeting message including the access network element forward random number, and use the obtained authentication vector information, the second temporary public Key, the access network element exchange private key, and the access network element temporary private key generate an access consistency check key, and use the access consistency check key to the terminal greeting message and the access network. The integrity calculation of the incoming message to the hello message generates an access message integrity calculation result, and sends the authentication vector information, the access network element key exchange message including the access network element temporary public key, and the connection to the terminal. a network element forward greeting message, an access message integrity calculation result, the first network element forward greeting message, and the first message integrity calculation result; and using the access consistency check key to connect Performing message integrity calculation on the incoming message forward message and the terminal greeting message to generate a sixth message integrity calculation result, and verifying the fifth message integrity calculation result sent by the terminal by using the sixth message integrity calculation result, and verifying After the power is transmitted to the access network element terminal authentication success message.
较佳地,在初始认证阶段,所述鉴权模块还用于:对接入网元问候消息、终端标识、终端的交换公钥、接入网元的交换公钥和第一网元的交换公钥的签名进行验证,以便验证成功后,生成第一临时公私钥对和包含第一网元前向随机数的第一网元前向问候消息。Preferably, in the initial authentication phase, the authentication module is further configured to: exchange the access NE greeting message, the terminal identifier, the exchange public key of the terminal, the exchange public key of the access network element, and the exchange of the first network element. The signature of the public key is verified, so that after the verification succeeds, the first temporary public-private key pair and the first network element forward greeting message including the first network element forward random number are generated.
较佳地,在跟踪区域更新阶段,所述鉴权向量信息中还包括所述第一网元签名证书及其验证结果;所述接入网元接收到所述所述鉴权向量信息时,还接收到使用第一网元签名私钥对第一网元签名证书及其验证结果进行的签名;所述鉴权模块生成接入网元临时公私钥对和包含接入网元前向随机数的接入网元前向问候消息时,具体用于:使用所述第一网元的签名证书对所述签名进行验证,以便验证成功后,生成接入网元临时公私钥对和包含接入网元前向随机数的接入网元前向问候消息。Preferably, in the tracking area update phase, the authentication vector information further includes the first network element signature certificate and a verification result thereof; when the access network element receives the authentication vector information, And receiving a signature of the first network element signature certificate and the verification result thereof by using the first network element signature private key; the authentication module generates the temporary network public key pair of the access network element and the forward random number including the access network element When the access NE forwards the message, it is specifically used to: use the signature certificate of the first network element to verify the signature, so that after the verification succeeds, the access network element temporary public-private key pair and the access are generated. The access NE forward greeting message of the network element forward random number.
基于上述任意接入网元实施例,较佳地,所述鉴权模块生成接入一致性检查密钥时,具体用于:将接入网元交换私钥与所述第二临时公钥进行点乘计算出第七密钥种子,将终端交换公钥与所述接入网元临时私钥进行点乘计算出第八密钥种子,对所述第七密钥种子和第八密钥种子进行单向运算得到第三密钥;利用所述第三密钥、终端标识、接入网元标识、接入网元前向随机数、和终端随机数,生成第三一致性检查密钥。Based on the foregoing any embodiment of the access network element, preferably, when the authentication module generates the access consistency check key, the method is specifically configured to: perform the access network element exchange private key and the second temporary public key. Calculating the seventh key seed by point multiplication, and multiplying the terminal exchange public key and the access network element temporary private key to calculate an eighth key seed, and the seventh key seed and the eighth key seed Performing a one-way operation to obtain a third key; generating a third consistency check key by using the third key, the terminal identifier, the access network element identifier, the access network element forward random number, and the terminal random number .
基于与方法同样的发明构思,本申请实施例还提供一种第一网元,其结构如图7所示, 具体包括:鉴权消息传输模块701、鉴权向量信息获取模块702、和鉴权模块703。其中:Based on the same inventive concept as the method, the embodiment of the present application further provides a first network element, and the structure thereof is as shown in FIG. 7 . Specifically, the authentication message transmission module 701, the authentication vector information acquisition module 702, and the authentication module 703 are included. among them:
鉴权消息传输模块701,用于接收接入网元发送的终端问候消息、终端密钥交换消息和接入网元问候消息,所述终端问候消息包含终端标识和终端随机数,所述终端密钥交换消息包含第二临时公钥,所述接入网元问候消息包含接入网元标识和接入网元后向随机数;并向第二网元发送所述终端问候消息、所述接入网元问候消息和第一网元后向问候消息,所述第一网元后向问候消息中包含第一网元后向随机数和第一网元签名证书;The authentication message transmission module 701 is configured to receive a terminal hello message, a terminal key exchange message, and an access network element greeting message sent by the access network element, where the terminal hello message includes a terminal identifier and a terminal random number, where the terminal is dense The key exchange message includes a second temporary public key, where the access network element greeting message includes an access network element identifier and a backward random number of the access network element, and sends the terminal greeting message to the second network element, and the connection And a first network element backward greeting message, where the first network element includes a first network element, and then a random number and a first network element signature certificate;
鉴权向量信息获取模块702,用于获取鉴权向量信息,所述鉴权向量信息中需要终端验证的信息使用第二网元签名私钥进行签名;The authentication vector information obtaining module 702 is configured to obtain the authentication vector information, where the information required to be verified by the terminal in the authentication vector information is signed by using the second network element signature private key;
鉴权模块703,用于生成第一临时公私钥对和包含第一网元前向随机数的第一网元前向问候消息,利用获得的鉴权向量信息、所述第二临时公钥、所述第一网元交换私钥和所述第一临时私钥生成第一一致性检查密钥,使用所述第一一致性检查密钥对所述终端问候消息和第一网元前向问候消息进行完整性计算产生第一消息完整性计算结果,并向所述接入网元发送所述鉴权向量信息、包含第一临时公钥的第一网元密钥交换消息、第一网元前向问候消息和第一消息完整性计算结果;以及使用所述第一一致性检查密钥对所述第一网元前向问候消息和终端问候消息进行消息完整性计算产生第七消息完整性计算结果,使用生成的所述第七消息完整性计算结果验证终端发送的第三消息完整性计算结果;验证成功后,所述第一网元通过所述接入网元向所述终端发送第一网元鉴权成功消息。The authentication module 703 is configured to generate a first temporary public-private key pair and a first network element forward greeting message including a first network element forward random number, and use the obtained authentication vector information, the second temporary public key, Generating a first consistency check key by using the first network element exchange private key and the first temporary private key, and using the first consistency check key to greet the terminal with the first network element Performing an integrity calculation on the hello calculation to generate a first message integrity calculation result, and sending the authentication vector information, the first network element key exchange message including the first temporary public key, and the first a network element forward greeting message and a first message integrity calculation result; and performing message integrity calculation on the first network element forward greeting message and the terminal greeting message using the first consistency check key to generate a seventh The result of the message integrity calculation is used to verify the third message integrity calculation result sent by the terminal by using the generated seventh message integrity calculation result; after the verification is successful, the first network element passes the access network element to the Terminal sending NE authentication success message.
较佳地,在终端初始认证阶段,所述鉴权模块还用于使用保存的查询中心的签名证书对第一网元后向问候消息、终端标识和终端的交换公钥的签名进行验证,以便验证成功后,生成第一临时公私钥对和包含第一网元前向随机数的第一网元前向问候消息。Preferably, in the initial authentication phase of the terminal, the authentication module is further configured to verify, by using the saved certificate of the query center, the signature of the first network element to the greeting message, the terminal identifier, and the exchange public key of the terminal, so that After the verification succeeds, the first temporary public-private key pair and the first network element forward greeting message including the first network element forward random number are generated.
较佳地,所述鉴权模块生成第一一致性检查密钥时,具体用于:Preferably, when the authentication module generates the first consistency check key, it is specifically used to:
将第一网元交换私钥与所述第二临时公钥进行点乘计算出第三密钥种子,将终端交换公钥与所述第一临时私钥进行点乘计算出第四密钥种子,对所述第三密钥种子和第四密钥种子进行单向运算得到第四密钥;Calculating a third key seed by multiplying the first network element exchange private key and the second temporary public key, and multiplying the terminal exchange public key and the first temporary private key to calculate a fourth key seed Performing a one-way operation on the third key seed and the fourth key seed to obtain a fourth key;
利用所述第四密钥、终端标识、第一网元标识、第一网元前向随机数、和终端随机数,生成第一一致性检查密钥。And generating, by using the fourth key, the terminal identifier, the first network element identifier, the first network element forward random number, and the terminal random number, a first consistency check key.
基于与方法同样的发明构思,本申请实施例还提供一种第二网元,其结构如图8所示,具体包括:鉴权向量信息发送模块801,用于向第一网元发送鉴权向量信息,所述鉴权向量信息中需要发送给终端的信息使用第二网元签名私钥进行签名。Based on the same inventive concept as the method, the embodiment of the present application further provides a second network element, which is configured as shown in FIG. 8 , and specifically includes: an authentication vector information sending module 801, configured to send an authentication to the first network element. The vector information, the information that needs to be sent to the terminal in the authentication vector information is signed by using the second network element signature private key.
较佳地,在终端的初始认证阶段,所述鉴权信息发送模块具体用于:Preferably, in the initial authentication phase of the terminal, the authentication information sending module is specifically configured to:
查找所述终端标识对应的所述终端的交换公钥;向查询中心发送所述接入网元问候消息、所述第一网元后向问候消息、所述终端标识和所述终端的交换公钥;获取使用查询中心签名私钥对第一网元后向问候消息和携带第一网元的签名证书及验证结果、终端标识和 所述终端的交换公钥的消息进行的签名,使用查询中心签名私钥对所述接入网元问候消息进行的签名,所述第一网元的交换公钥、所述第一网元标识、所述接入网元的交换公钥和所述接入网元标识;使用所述查询中心的签名证书验证签名正确后,向所述第一网元发送鉴权向量信息,所述鉴权向量信息包括:接入网元的交换公钥,第一网元的交换公钥,终端标识,终端的交换公钥,使用第二网元签名私钥对终端问候消息、接入网元的交换公钥和第一网元的交换公钥进行的签名,使用查询中心的签名私钥对接入网元问候消息、终端标识、终端的交换公钥、接入网元的交换公钥和第一网元的交换公钥进行的签名,使用查询中心的签名私钥对第一网元后向问候消息、终端标识和终端的交换公钥进行的签名。Searching for the exchange public key of the terminal corresponding to the terminal identifier; sending the access NE greeting message, the first network element backward greeting message, the terminal identifier, and the exchange of the terminal to the query center The key is obtained by using the query center signature private key, the first network element backward greeting message, the signature certificate carrying the first network element, the verification result, the terminal identifier, and The signature of the exchanged public key of the terminal, the signature of the access NE greeting message by using the query center signature private key, the exchanged public key of the first network element, and the first network element identifier And the access public key of the access network element and the identifier of the access network element; after the signature of the query center is used to verify that the signature is correct, the authentication vector information is sent to the first network element, where the authentication is performed. The vector information includes: the exchange public key of the access network element, the exchange public key of the first network element, the terminal identifier, the exchange public key of the terminal, and the exchange of the terminal greeting message and the access network element by using the second network element signature private key The signature of the public key and the exchanged public key of the first network element, using the signature private key of the query center to access the network element greeting message, the terminal identifier, the exchange public key of the terminal, the exchange public key of the access network element, and the first The signature of the exchanged public key of the network element, using the signature private key of the query center, to sign the first network element to the greeting message, the terminal identifier, and the exchange public key of the terminal.
基于与方法同样的发明构思,本申请实施例还提供一种查询中心,其结构如图9所示,具体包括:Based on the same inventive concept as the method, the embodiment of the present application further provides a query center, and the structure thereof is as shown in FIG. 9 , and specifically includes:
信息获取模块901,用于所述第一网元标识对应的第一网元的交换公钥并验证第一网元签名证书,并获取所述接入网元标识对应的接入网元的交换公钥;The information obtaining module 901 is configured to exchange the public key of the first network element corresponding to the first network element identifier, and verify the first network element signature certificate, and obtain the exchange of the access network element corresponding to the access network element identifier. Public key
信息发送模块902,用于生成携带第一网元的签名证书及验证结果、终端标识和所述终端的交换公钥的消息,对第一网元后向问候消息和生成的所述消息进行签名,对所述接入网元问候消息进行签名,将所述两个签名、所述第一网元的交换公钥、所述第一网元标识、所述接入网元的交换公钥和所述接入网元标识发送给所述第二网元。The information sending module 902 is configured to generate a message carrying the first network element's signature certificate and the verification result, the terminal identifier, and the exchanged public key of the terminal, and sign the first network element to the hello message and the generated message. Signing the access NE greeting message, and the two signatures, the exchange public key of the first network element, the first network element identifier, and the exchange public key of the access network element The access network element identifier is sent to the second network element.
本领域内的技术人员应明白,本申请的实施例可提供为方法、系统、或计算机程序产品。因此,本申请可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。而且,本申请可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。Those skilled in the art will appreciate that embodiments of the present application can be provided as a method, system, or computer program product. Thus, the present application can take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment in combination of software and hardware. Moreover, the application can take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) including computer usable program code.
本申请是参照根据本申请实施例的方法、设备(系统)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (system), and computer program products according to embodiments of the present application. It will be understood that each flow and/or block of the flowchart illustrations and/or FIG. These computer program instructions can be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing device to produce a machine for the execution of instructions for execution by a processor of a computer or other programmable data processing device. Means for implementing the functions specified in one or more of the flow or in a block or blocks of the flow chart.
这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。The computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture comprising the instruction device. The apparatus implements the functions specified in one or more blocks of a flow or a flow and/or block diagram of the flowchart.
这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机 或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。These computer program instructions can also be loaded onto a computer or other programmable data processing device such that the computer Or performing a series of operational steps on other programmable devices to produce computer-implemented processing such that instructions executed on a computer or other programmable device are provided for implementing a block in a flow or a flow and/or block diagram of the flowchart Or the steps of the function specified in multiple boxes.
尽管已描述了本申请的优选实施例,但本领域内的技术人员一旦得知了基本创造性概念,则可对这些实施例作出另外的变更和修改。所以,所附权利要求意欲解释为包括优选实施例以及落入本申请范围的所有变更和修改。While the preferred embodiment of the present application has been described, it will be apparent that those skilled in the art can make further changes and modifications to the embodiments. Therefore, the appended claims are intended to be interpreted as including the preferred embodiments and the modifications and
显然,本领域的技术人员可以对本申请实施例进行各种改动和变型而不脱离本申请实施例的精神和范围。这样,倘若本申请实施例的这些修改和变型属于本申请权利要求及其等同技术的范围之内,则本申请也意图包含这些改动和变型在内。 It is apparent that those skilled in the art can make various changes and modifications to the embodiments of the present application without departing from the spirit and scope of the embodiments of the present application. Thus, it is intended that the present invention cover the modifications and variations of the embodiments of the present invention.

Claims (19)

  1. 一种网络鉴权认证的方法,其特征在于,包括:A method for network authentication and authentication, comprising:
    终端生成第二临时公私钥对,向接入网元发送终端问候消息和终端密钥交换消息,所述终端问候消息包含终端标识和终端随机数,所述终端密钥交换消息包含第二临时公钥;The terminal generates a second temporary public-private key pair, and sends a terminal hello message and a terminal key exchange message to the access network element, where the terminal hello message includes a terminal identifier and a terminal random number, and the terminal key exchange message includes the second temporary public key;
    所述接入网元向第一网元发送所述终端问候消息、所述终端密钥交换消息和接入网元问候消息,所述接入网元问候消息包含接入网元标识和接入网元后向随机数;The access network element sends the terminal hello message, the terminal key exchange message, and the access network element hello message to the first network element, where the access network element hello message includes an access network element identifier and access The backward number of the network element;
    所述第一网元向第二网元发送所述终端问候消息、所述接入网元问候消息和第一网元后向问候消息,所述第一网元后向问候消息中包含第一网元后向随机数和第一网元签名证书;The first network element sends the terminal hello message, the access network element greeting message, and the first network element backward greeting message to the second network element, where the first network element backward greeting message includes the first The network element returns a random number and a first network element to sign a certificate;
    第二网元向第一网元发送鉴权向量信息,所述鉴权向量信息中需要终端验证的信息使用第二网元签名私钥进行签名;The second network element sends the authentication vector information to the first network element, where the information required for the terminal verification in the authentication vector information is signed by using the second network element signature private key;
    所述第一网元获取所述鉴权向量信息;The first network element acquires the authentication vector information;
    所述第一网元生成第一临时公私钥对和包含第一网元前向随机数的第一网元前向问候消息,利用获得的鉴权向量信息、所述第二临时公钥、所述第一网元交换私钥和所述第一临时私钥生成第一一致性检查密钥,使用所述第一一致性检查密钥对所述终端问候消息和第一网元前向问候消息进行完整性计算产生第一消息完整性计算结果,并向所述接入网元发送所述鉴权向量信息、包含第一临时公钥的第一网元密钥交换消息、第一网元前向问候消息和第一消息完整性计算结果;The first network element generates a first temporary public-private key pair and a first network element forward greeting message including a first network element forward random number, and uses the obtained authentication vector information, the second temporary public key, and the Generating a first consistency check key by using the first network element exchange private key and the first temporary private key, and using the first consistency check key to send the terminal greeting message and the first network element forward The hello calculation of the hello message generates a first message integrity calculation result, and sends the authentication vector information, the first network element key exchange message including the first temporary public key, and the first network to the access network element. The meta-forward greeting message and the first message integrity calculation result;
    所述接入网元生成接入网元临时公私钥对和包含接入网元前向随机数的接入网元前向问候消息,利用获得的鉴权向量信息、所述第二临时公钥、所述接入网元交换私钥和所述接入网元临时私钥生成接入一致性检查密钥,使用所述接入一致性检查密钥对所述终端问候消息和接入网元前向问候消息进行完整性计算产生接入消息完整性计算结果,并向终端发送所述鉴权向量信息、包含接入网元临时公钥的接入网元密钥交换消息、所述接入网元前向问候消息、接入消息完整性计算结果、所述第一网元前向问候消息和所述第一消息完整性计算结果;The access network element generates an access network element temporary public-private key pair and an access network element forward greeting message including a forward random number of the access network element, and uses the obtained authentication vector information and the second temporary public key. The access network element exchange private key and the access network element temporary private key generate an access consistency check key, and use the access consistency check key to the terminal hello message and the access network element. Performing integrity calculation on the forward greeting message to generate an access message integrity calculation result, and transmitting the authentication vector information, the access network element key exchange message including the access network element temporary public key, and the access to the terminal a network element forward greeting message, an access message integrity calculation result, the first network element forward greeting message, and the first message integrity calculation result;
    所述终端使用保存的第二网元的签名证书对接收到的所述鉴权向量信息中的签名进行验证;The terminal verifies the signature in the received authentication vector information by using the saved signature certificate of the second network element;
    验证成功后,所述终端利用所述鉴权向量信息、所述终端标识、所述第一临时公钥、终端交换私钥、和所述第二临时私钥生成第二一致性检查密钥,并利用所述鉴权向量信息、所述终端标识、所述接入网元临时公钥、终端交换私钥、和所述第二临时私钥生成第三一致性检查密钥; After the verification is successful, the terminal generates a second consistency check key by using the authentication vector information, the terminal identifier, the first temporary public key, the terminal exchange private key, and the second temporary private key. And generating, by using the authentication vector information, the terminal identifier, the access network element temporary public key, the terminal exchange private key, and the second temporary private key, a third consistency check key;
    所述终端使用所述第二一致性检查密钥对所述终端问候消息和第一网元前向问候消息进行消息完整性计算产生第二消息完整性计算结果,将所述第二消息完整性计算结果与第一网元发送的所述第一消息完整性计算结果比对,比对正确后,使用生成的所述第二一致性检查密钥对第一网元前向问候消息和终端问候消息进行第二次消息完整性计算产生第三消息完整性计算结果;The terminal uses the second consistency check key to perform message integrity calculation on the terminal hello message and the first network element forward greeting message to generate a second message integrity calculation result, and complete the second message complete The result of the calculation is compared with the result of the first message integrity calculation sent by the first network element. After the comparison is correct, the generated second consistency check key is used to forward the first network element to the greeting message and The second message integrity calculation is performed by the terminal greeting message to generate a third message integrity calculation result;
    所述终端使用所述第三一致性检查密钥对所述终端问候消息和接入网元前向问候消息进行消息完整性计算产生第四消息完整性计算结果,将所述第四消息完整性计算结果与接入网元发送的所述接入消息完整性计算结果比对,比对正确后,使用生成的所述第三一致性检查密钥对接入网元前向问候消息和终端问候消息进行消息完整性计算产生第五消息完整性计算结果;The terminal uses the third consistency check key to perform message integrity calculation on the terminal hello message and the access network element forward greeting message to generate a fourth message integrity calculation result, and complete the fourth message complete The result of the calculation is compared with the calculation result of the integrity of the access message sent by the access network element. After the comparison is correct, the third consistency check key is used to access the NE forward greeting message and The terminal hello message performs a message integrity calculation to generate a fifth message integrity calculation result;
    将所述第五消息完整性计算结果发送给所述接入网元,并将所述第三消息完整性计算结果通过所述接入网元发送给所述第一网元;Transmitting the fifth message integrity calculation result to the access network element, and sending the third message integrity calculation result to the first network element by using the access network element;
    所述接入网元使用所述接入一致性检查密钥对接入网元前向问候消息和终端问候消息进行消息完整性计算产生第六消息完整性计算结果,使用所述第六消息完整性计算结果验证所述第五消息完整性计算结果,验证成功后,向所述终端发送接入网元鉴权成功消息;The access network element uses the access consistency check key to perform a message integrity calculation on the access NE forward greeting message and the terminal hello message, and generates a sixth message integrity calculation result, using the sixth message complete. The result of the calculation is used to verify the result of the fifth message integrity calculation, and after the verification is successful, the access network element authentication success message is sent to the terminal;
    所述第一网元使用所述第一一致性检查密钥对所述第一网元前向问候消息和终端问候消息进行消息完整性计算产生第七消息完整性计算结果,使用生成的所述第七消息完整性计算结果验证所述第三消息完整性计算结果;验证成功后,所述第一网元通过所述接入网元向所述终端发送第一网元鉴权成功消息。The first network element performs a message integrity calculation on the first network element forward greeting message and the terminal greeting message by using the first consistency check key to generate a seventh message integrity calculation result, and uses the generated The seventh message integrity calculation result verifies the third message integrity calculation result; after the verification is successful, the first network element sends the first network element authentication success message to the terminal by using the access network element.
  2. 根据权利要求1所述的方法,其特征在于,在所述终端的初始认证阶段,所述第二网元向第一网元发送鉴权向量信息,具体包括:The method according to claim 1, wherein in the initial authentication phase of the terminal, the second network element sends the authentication vector information to the first network element, which specifically includes:
    所述第二网元查找所述终端标识对应的所述终端的交换公钥;The second network element searches for an exchange public key of the terminal corresponding to the terminal identifier;
    所述第二网元向查询中心发送所述接入网元问候消息、所述第一网元后向问候消息、所述终端标识和所述终端的交换公钥;Sending, by the second network element, the access NE greeting message, the first network element backward greeting message, the terminal identifier, and the exchange public key of the terminal to the query center;
    所述查询中心获取所述第一网元标识对应的第一网元的交换公钥并验证第一网元签名证书,并获取所述接入网元标识对应的接入网元的交换公钥;生成携带第一网元的签名证书及验证结果、终端标识和所述终端的交换公钥的消息,对第一网元后向问候消息和生成的所述消息进行签名,对所述接入网元问候消息进行签名,将所述两个签名、所述第一网元的交换公钥、所述第一网元标识、所述接入网元的交换公钥和所述接入网元标识发送给所述第二网元;Obtaining, by the query center, the exchange public key of the first network element corresponding to the first network element identifier, and verifying the first network element signature certificate, and acquiring the exchange public key of the access network element corresponding to the access network element identifier Generating a message carrying the first network element's signature certificate and the verification result, the terminal identifier, and the exchanged public key of the terminal, and signing the first network element to the hello message and the generated message, for the access The NE greeting message is signed, and the two signatures, the exchange public key of the first network element, the first network element identifier, the exchange public key of the access network element, and the access network element Sending an identifier to the second network element;
    所述第二网元使用所述查询中心的签名证书验证签名正确后,向所述第一网元发送鉴权向量信息,所述鉴权向量信息包括:接入网元的交换公钥,第一网元的交换公钥,终端标识,终端的交换公钥,使用第二网元签名私钥对终端问候消息、接入网元的交换公钥和 第一网元的交换公钥进行的签名,使用查询中心的签名私钥对接入网元问候消息、终端标识、终端的交换公钥、接入网元的交换公钥和第一网元的交换公钥进行的签名,使用查询中心的签名私钥对第一网元后向问候消息、终端标识和终端的交换公钥进行的签名;After the second network element uses the signature certificate of the query center to verify that the signature is correct, the second network element sends the authentication vector information to the first network element, where the authentication vector information includes: an exchange public key of the access network element, The exchange public key of a network element, the terminal identifier, and the exchange public key of the terminal, the second network element signature private key, the terminal greeting message, the exchange public key of the access network element, and The signature of the exchanged public key of the first network element, using the signature private key of the query center to access the network element greeting message, the terminal identifier, the exchange public key of the terminal, the exchange public key of the access network element, and the first network element Exchange the signature of the public key, and use the signature private key of the query center to sign the first network element to the hello message, the terminal identifier, and the exchange public key of the terminal;
    所述第一网元生成第一临时公私钥对和包含第一网元前向随机数的第一网元前向问候消息之前,该方法还包括:Before the first network element generates the first temporary public-private key pair and the first network element forward greeting message including the first network element forward random number, the method further includes:
    所述第一网元使用保存的查询中心的签名证书对第一网元后向问候消息、终端标识和终端的交换公钥的签名进行验证,以便验证成功后,生成第一临时公私钥对和包含第一网元前向随机数的第一网元前向问候消息;The first network element uses the saved certificate of the query center to verify the signature of the first network element to the hello message, the terminal identifier, and the exchange public key of the terminal, so that after the verification succeeds, the first temporary public-private key pair is generated. a first network element forward greeting message including a forward random number of the first network element;
    所述接入网元生成接入网元临时公私钥对和包含接入网元前向随机数的接入网元前向问候消息之前,该方法还包括:Before the access network element generates the access network element temporary public-private key pair and the access network element forward greeting message including the forward random number of the access network element, the method further includes:
    所述接入网元对接入网元问候消息、终端标识、终端的交换公钥、接入网元的交换公钥和第一网元的交换公钥的签名进行验证,以便验证成功后,生成第一临时公私钥对和包含第一网元前向随机数的第一网元前向问候消息。The access network element verifies the signatures of the access NE greeting message, the terminal identifier, the exchange public key of the terminal, the exchange public key of the access network element, and the exchange public key of the first network element, so that after the verification succeeds, Generating a first temporary public-private key pair and a first network element forward greeting message including a first network element forward random number.
  3. 根据权利要求2所述的方法,其特征在于,所述鉴权向量信息中还包括所述第一网元签名证书及其验证结果,和使用所述第二网元的签名私钥对所述第一网元签名证书及其验证结果进行的签名,所述终端使用保存的第二网元的签名证书对接收到的鉴权向量信息的签名进行验证成功后,该方法还包括:所述终端获取并保存所述第一网元的签名证书;The method according to claim 2, wherein the authentication vector information further includes the first network element signature certificate and a verification result thereof, and the signature private key pair using the second network element a signature of the first network element signature certificate and the verification result thereof. After the terminal successfully verifies the signature of the received authentication vector information by using the saved signature certificate of the second network element, the method further includes: the terminal Obtaining and saving a signature certificate of the first network element;
    和/或,and / or,
    所述鉴权向量信息中还包括:所述第一网元签名证书及其验证结果,和使用所述查询中心的签名私钥对所述第一网元签名证书及其验证结果进行的签名;所述接入网元使用查询中心的签名证书进行验证时,该方法还包括:所述接入网元使用保存的所述查询中心的签名证书对所述第一网元签名证书及其验证结果的签名进行验证,验证成功后,保存所述第一网元的签名证书。The authentication vector information further includes: the first network element signature certificate and a verification result thereof, and a signature of the first network element signature certificate and a verification result thereof by using a signature private key of the query center; When the access network element uses the signature certificate of the query center for verification, the method further includes: the access network element uses the saved signature certificate of the query center to sign the first network element and the verification result thereof. After the verification is successful, the signature of the first network element is saved.
  4. 根据权利要求1所述的方法,其特征在于,在跟踪区域更新阶段,所述鉴权向量信息包括:The method according to claim 1, wherein in the tracking area update phase, the authentication vector information comprises:
    接入网元的交换公钥,第一网元的交换公钥,终端标识,终端的交换公钥,使用第二网元的签名私钥对终端问候消息、接入网元的交换公钥和第一网元的交换公钥进行的签名,和使用第二网元签名私钥对第一网元后向问候消息、终端标识和终端的交换公钥进行的签名。The exchange public key of the access network element, the exchange public key of the first network element, the terminal identifier, the exchange public key of the terminal, the use of the signature private key of the second network element, the exchange of the terminal, the exchange of the public key of the access network element, and The signature of the exchanged public key of the first network element and the signature of the first network element to the greeting message, the terminal identifier, and the exchange public key of the terminal by using the second network element signature private key.
  5. 根据权利要求4所述的方法,其特征在于,所述鉴权向量信息中还包括第一网元签名证书及其验证结果,和使用所述第二网元的签名私钥对所述第一网元签名证书及其验证结果进行的签名,所述终端使用保存的第二网元的签名证书对接收到的鉴权向量信息的签名进行验证成功后,该方法还包括:所述终端获取并保存所述第一网元的签名证书; The method according to claim 4, wherein the authentication vector information further includes a first network element signature certificate and a verification result thereof, and the signature private key pair of the second network element is used to The signature of the network element signature certificate and the verification result thereof. After the terminal successfully verifies the signature of the received authentication vector information by using the saved signature certificate of the second network element, the method further includes: acquiring, by the terminal, Saving a signature certificate of the first network element;
    和/或,and / or,
    所述鉴权向量信息中还包括所述第一网元签名证书及其验证结果;The authentication vector information further includes the first network element signature certificate and a verification result thereof;
    第一网元向所述接入网元发送所述鉴权向量信息、第一网元密钥交换消息、第一网元前向问候消息和第一消息完整性计算结果时,还向所述接入网元发送使用第一网元签名私钥对第一网元签名证书及其验证结果进行的签名;When the first network element sends the authentication vector information, the first network element key exchange message, the first network element forward greeting message, and the first message integrity calculation result to the access network element, The access network element sends a signature of the first network element signature certificate and the verification result thereof by using the first network element signature private key;
    所述接入网元生成接入网元临时公私钥对和包含接入网元前向随机数的接入网元前向问候消息,包括:The access network element generates an access network element temporary public-private key pair and an access network element forward greeting message including the forward random number of the access network element, including:
    所述接入网元使用所述第一网元的签名证书对所述签名进行验证,以便验证成功后,生成接入网元临时公私钥对和包含接入网元前向随机数的接入网元前向问候消息。The access network element uses the signature certificate of the first network element to verify the signature, so that after the verification succeeds, the access network element temporary public-private key pair and the access random number of the access network element are generated. The NE forward greeting message.
  6. 根据权利要求2~5任一项所述的方法,其特征在于,所述终端利用所述鉴权向量信息、所述终端标识、所述第一临时公钥、终端交换私钥和所述第二临时私钥生成第二一致性检查密钥,具体包括:The method according to any one of claims 2 to 5, wherein the terminal uses the authentication vector information, the terminal identifier, the first temporary public key, the terminal exchange private key, and the first The second temporary check key generates a second consistency check key, which specifically includes:
    所述终端对所述鉴权向量信息中的终端随机数进行验证,当验证成功后,将终端交换私钥与第一临时公钥进行点乘计算出第一密钥种子,将第一网元交换公钥与第二临时私钥进行点乘计算出第二密钥种子,对所述第一密钥种子和所述第二密钥种子进行单向运算得到第一密钥;The terminal verifies the terminal random number in the authentication vector information. After the verification succeeds, the terminal exchange private key is multiplied by the first temporary public key to calculate the first key seed, and the first network element is obtained. Calculating a second key seed by performing a point multiplication between the exchange public key and the second temporary private key, and performing a one-way operation on the first key seed and the second key seed to obtain a first key;
    所述终端利用所述第一密钥、终端标识、第一网元标识、第一网元前向随机数、和终端随机数,生成第二一致性检查密钥;The terminal generates a second consistency check key by using the first key, the terminal identifier, the first network element identifier, the first network element forward random number, and the terminal random number;
    所述终端利用所述鉴权向量信息、所述终端标识、所述接入网元临时公钥、终端交换私钥和所述第二临时私钥生成第三一致性检查密钥,具体包括:The terminal generates a third consistency check key by using the authentication vector information, the terminal identifier, the access network temporary public key, the terminal exchange private key, and the second temporary private key, which specifically includes :
    所述终端对所述鉴权向量信息中的终端随机数进行验证,当验证成功后,将终端交换私钥与接入网元临时公钥进行点乘计算出第五密钥种子,将接入网元交换公钥与第二临时私钥进行点乘计算出第六密钥种子,对所述第五密钥种子和所述第六密钥种子进行单向运算得到第二密钥;The terminal verifies the terminal random number in the authentication vector information. After the verification succeeds, the terminal exchange private key is multiplied by the access network element temporary public key to calculate a fifth key seed, and the access is to be accessed. Calculating a sixth key seed by performing dot multiplication between the network element exchange public key and the second temporary private key, and performing a one-way operation on the fifth key seed and the sixth key seed to obtain a second key;
    所述终端利用所述第二密钥、终端标识、接入网元标识、接入网元前向随机数、和终端随机数,生成第三一致性检查密钥;The terminal generates a third consistency check key by using the second key, the terminal identifier, the access network element identifier, the access network element forward random number, and the terminal random number;
    所述接入网元利用获取的鉴权向量信息、所述第二临时公钥、所述接入网元临时私钥、和接入网元交换私钥生成接入一致性检查密钥,具体包括:The access network element generates an access consistency check key by using the obtained authentication vector information, the second temporary public key, the access network temporary private key, and the access network element exchange private key, specifically include:
    所述接入网元将接入网元交换私钥与所述第二临时公钥进行点乘计算出第七密钥种子,将终端交换公钥与所述接入网元临时私钥进行点乘计算出第八密钥种子,对所述第七密钥种子和第八密钥种子进行单向运算得到第三密钥;The access network element performs a point multiplication by the access network element exchange private key and the second temporary public key to calculate a seventh key seed, and performs a point exchange public key and the access network element temporary private key. Multiplying the eighth key seed, performing a one-way operation on the seventh key seed and the eighth key seed to obtain a third key;
    所述接入网元利用所述第三密钥、终端标识、接入网元标识、接入网元前向随机数、和终端随机数,生成第三一致性检查密钥; The access network element generates a third consistency check key by using the third key, the terminal identifier, the access network element identifier, the access network element forward random number, and the terminal random number;
    所述第一网元利用获取的鉴权向量信息、所述第二临时公钥、所述第一网元交换私钥、和所述第一临时私钥生成第一一致性检查密钥,具体包括:The first network element generates a first consistency check key by using the obtained authentication vector information, the second temporary public key, the first network element exchange private key, and the first temporary private key. Specifically include:
    所述第一网元将第一网元交换私钥与所述第二临时公钥进行点乘计算出第三密钥种子,将终端交换公钥与所述第一临时私钥进行点乘计算出第四密钥种子,对所述第三密钥种子和第四密钥种子进行单向运算得到第四密钥;The first network element calculates a third key seed by multiplying the first network element exchange private key and the second temporary public key, and performs point multiplication calculation on the terminal exchange public key and the first temporary private key. a fourth key seed, performing a one-way operation on the third key seed and the fourth key seed to obtain a fourth key;
    所述第一网元利用所述第四密钥、终端标识、第一网元标识、第一网元前向随机数、和终端随机数,生成第一一致性检查密钥。The first network element generates a first consistency check key by using the fourth key, the terminal identifier, the first network element identifier, the first network element forward random number, and the terminal random number.
  7. 一种终端,其特征在于,包括:A terminal, comprising:
    鉴权消息发送模块,用于生成第二临时公私钥对,向接入网元发送终端问候消息和终端密钥交换消息,所述终端问候消息包含终端标识和终端随机数,所述终端密钥交换消息包含第二临时公钥;The authentication message sending module is configured to generate a second temporary public-private key pair, and send a terminal greeting message and a terminal key exchange message to the access network element, where the terminal hello message includes a terminal identifier and a terminal random number, and the terminal key The exchange message contains a second temporary public key;
    鉴权模块,用于使用保存的第二网元的签名证书对接收到的所述鉴权向量信息中的签名进行验证;An authentication module, configured to verify, by using the saved signature certificate of the second network element, the received signature in the authentication vector information;
    密钥生成模块,用于所述鉴权模块验证成功后,利用所述鉴权向量信息、所述终端标识、所述第一临时公钥、终端交换私钥、和所述第二临时私钥生成第二一致性检查密钥,并利用所述鉴权向量信息、所述终端标识、所述接入网元临时公钥、终端交换私钥、和所述第二临时私钥生成第三一致性检查密钥;a key generation module, configured to use the authentication vector information, the terminal identifier, the first temporary public key, the terminal exchange private key, and the second temporary private key after the authentication module succeeds Generating a second consistency check key, and generating a third by using the authentication vector information, the terminal identifier, the access network element temporary public key, the terminal exchange private key, and the second temporary private key Consistency check key;
    消息完整性检验模块,用于使用所述第二一致性检查密钥对所述终端问候消息和第一网元前向问候消息进行消息完整性计算产生第二消息完整性计算结果,将所述第二消息完整性计算结果与第一网元发送的所述第一消息完整性计算结果比对,比对正确后,使用生成的所述第二一致性检查密钥对第一网元前向问候消息和终端问候消息进行第二次消息完整性计算产生第三消息完整性计算结果;使用所述第三一致性检查密钥对所述终端问候消息和接入网元前向问候消息进行消息完整性计算产生第四消息完整性计算结果,将所述第四消息完整性计算结果与接入网元发送的所述接入消息完整性计算结果比对,比对正确后,使用生成的所述第三一致性检查密钥对接入网元前向问候消息和终端问候消息进行消息完整性计算产生第五消息完整性计算结果;将所述第五消息完整性计算结果发送给所述接入网元,并将所述第三消息完整性计算结果通过所述接入网元发送给所述第一网元。a message integrity check module, configured to perform a message integrity calculation on the terminal hello message and the first network element forward greeting message by using the second consistency check key to generate a second message integrity calculation result, where The second message integrity calculation result is compared with the first message integrity calculation result sent by the first network element, and after the comparison is correct, the generated second consistency check key is used to match the first network element. Performing a second message integrity calculation on the forward message and the terminal greeting message to generate a third message integrity calculation result; using the third consistency check key to send the terminal greeting message and the access network element forward greeting The message integrity calculation is performed to generate a fourth message integrity calculation result, and the fourth message integrity calculation result is compared with the access message integrity calculation result sent by the access network element, and after the comparison is correct, the message is used. Generating the third consistency check key to generate a fifth message integrity calculation result by performing message integrity calculation on the access network element forward greeting message and the terminal greeting message; Message integrity calculation result is sent to the access network element, to the first network element and the third message is sent via the integrity evaluation result of the access network element.
  8. 根据权利要求7所述的终端,其特征在于,所述鉴权向量信息中包括所述第一网元签名证书及其验证结果,和使用所述第二网元的签名私钥对所述第一网元签名证书及其验证结果进行的签名,所述终端还包括:The terminal according to claim 7, wherein the authentication vector information includes the first network element signature certificate and a verification result thereof, and the signature private key pair of the second network element is used. a network element signature certificate and a signature of the verification result thereof, the terminal further includes:
    签名证书保存模块,用于在所述鉴权模块验证成功后,获取并保存所述第一网元的签名证书。And a signature certificate saving module, configured to acquire and save a signature certificate of the first network element after the authentication module succeeds in verifying.
  9. 根据权利要求8所述的终端,其特征在于,所述密钥生成模块具体用于: The terminal according to claim 8, wherein the key generation module is specifically configured to:
    对所述鉴权向量信息中的终端随机数进行验证,当验证成功后,将终端交换私钥与第一临时公钥进行点乘计算出第一密钥种子,将第一网元交换公钥与第二临时私钥进行点乘计算出第二密钥种子,对所述第一密钥种子和所述第二密钥种子进行单向运算得到第一密钥;Verifying the terminal random number in the authentication vector information. After the verification succeeds, the terminal exchange private key is multiplied by the first temporary public key to calculate the first key seed, and the first network element is exchanged with the public key. Performing a point multiplication with the second temporary private key to calculate a second key seed, and performing a one-way operation on the first key seed and the second key seed to obtain a first key;
    利用所述第一密钥、终端标识、第一网元标识、第一网元前向随机数、和终端随机数,生成第二一致性检查密钥;Generating a second consistency check key by using the first key, the terminal identifier, the first network element identifier, the first network element forward random number, and the terminal random number;
    对所述鉴权向量信息中的终端随机数进行验证,当验证成功后,将终端交换私钥与接入网元临时公钥进行点乘计算出第五密钥种子,将接入网元交换公钥与第二临时私钥进行点乘计算出第六密钥种子,对所述第五密钥种子和所述第六密钥种子进行单向运算得到第二密钥;The terminal random number in the authentication vector information is verified. After the verification succeeds, the terminal exchange private key is multiplied by the access network element temporary public key to calculate a fifth key seed, and the access network element is exchanged. Calculating a sixth key seed by performing point multiplication on the public key and the second temporary private key, and performing a one-way operation on the fifth key seed and the sixth key seed to obtain a second key;
    利用所述第二密钥、终端标识、接入网元标识、接入网元前向随机数、和终端随机数,生成第三一致性检查密钥。The third consistency check key is generated by using the second key, the terminal identifier, the access network element identifier, the access network element forward random number, and the terminal random number.
  10. 一种接入网元,其特征在于,包括:An access network element, comprising:
    鉴权消息传输模块,用于接收终端发送的终端问候消息和终端密钥交换消息,所述终端问候消息包含终端标识和终端随机数,所述终端密钥交换消息包含第二临时公钥;向第一网元发送所述终端问候消息、所述终端密钥交换消息和接入网元问候消息,所述接入网元问候消息包含接入网元标识和接入网元后向随机数;The authentication message transmission module is configured to receive a terminal greeting message and a terminal key exchange message sent by the terminal, where the terminal greeting message includes a terminal identifier and a terminal random number, and the terminal key exchange message includes a second temporary public key; The first network element sends the terminal hello message, the terminal key exchange message, and the access network element greeting message, where the access network element greeting message includes an access network element identifier and a backward random number of the access network element;
    鉴权模块,用于生成接入网元临时公私钥对和包含接入网元前向随机数的接入网元前向问候消息,利用获得的鉴权向量信息、所述第二临时公钥、所述接入网元交换私钥和所述接入网元临时私钥生成接入一致性检查密钥,使用所述接入一致性检查密钥对所述终端问候消息和接入网元前向问候消息进行完整性计算产生接入消息完整性计算结果,并向终端发送所述鉴权向量信息、包含接入网元临时公钥的接入网元密钥交换消息、所述接入网元前向问候消息、接入消息完整性计算结果、所述第一网元前向问候消息和所述第一消息完整性计算结果;以及使用所述接入一致性检查密钥对接入网元前向问候消息和终端问候消息进行消息完整性计算产生第六消息完整性计算结果,使用所述第六消息完整性计算结果验证终端发送的第五消息完整性计算结果,验证成功后,向所述终端发送接入网元鉴权成功消息。The authentication module is configured to generate an access network element temporary public-private key pair and an access network element forward greeting message including the access network element forward random number, and use the obtained authentication vector information and the second temporary public key The access network element exchange private key and the access network element temporary private key generate an access consistency check key, and use the access consistency check key to the terminal hello message and the access network element. Performing integrity calculation on the forward greeting message to generate an access message integrity calculation result, and transmitting the authentication vector information, the access network element key exchange message including the access network element temporary public key, and the access to the terminal a network element forward greeting message, an access message integrity calculation result, the first network element forward greeting message, and the first message integrity calculation result; and access using the access consistency check key pair The message integrity calculation is performed by the network element forward greeting message and the terminal greeting message to generate a sixth message integrity calculation result, and the sixth message integrity calculation result is used to verify the fifth message integrity calculation result sent by the terminal, and the verification result is verified. After the terminal to access network element transmits the authentication success message.
  11. 根据权利要求10所述的接入网元,其特征在于,在初始认证阶段,所述鉴权模块还用于:The access network element according to claim 10, wherein in the initial authentication phase, the authentication module is further configured to:
    对接入网元问候消息、终端标识、终端的交换公钥、接入网元的交换公钥和第一网元的交换公钥的签名进行验证,以便验证成功后,生成第一临时公私钥对和包含第一网元前向随机数的第一网元前向问候消息。The access network element greeting message, the terminal identifier, the exchange public key of the terminal, the exchange public key of the access network element, and the signature of the exchange public key of the first network element are verified, so that after the verification succeeds, the first temporary public and private key is generated. Forwarding a message to the first network element that includes the first network element forward random number.
  12. 根据权利要求10所述的接入网元,其特征在于,在跟踪区域更新阶段,所述鉴 权向量信息中还包括所述第一网元签名证书及其验证结果;所述接入网元接收到所述所述鉴权向量信息时,还接收到使用第一网元签名私钥对第一网元签名证书及其验证结果进行的签名;所述鉴权模块生成接入网元临时公私钥对和包含接入网元前向随机数的接入网元前向问候消息时,具体用于:The access network element according to claim 10, wherein in the tracking area update phase, the method is The weight vector information further includes the first network element signature certificate and a verification result thereof; when the access network element receives the authentication vector information, the access network element further receives the first network element signature private key pair. a signature of the network element signature certificate and the verification result thereof; when the authentication module generates the access network element temporary public-private key pair and the access network element forward greeting message including the forward random number of the access network element, the specific use to:
    使用所述第一网元的签名证书对所述签名进行验证,以便验证成功后,生成接入网元临时公私钥对和包含接入网元前向随机数的接入网元前向问候消息。The signature is verified by using the signature certificate of the first network element, so that after the verification succeeds, the access network element temporary public-private key pair and the access network element forward greeting message including the access network element forward random number are generated. .
  13. 根据权利要求11或12所述的接入网元,其特征在于,所述鉴权模块生成接入一致性检查密钥时,具体用于:The access network element according to claim 11 or 12, wherein when the authentication module generates an access consistency check key, it is specifically used to:
    将接入网元交换私钥与所述第二临时公钥进行点乘计算出第七密钥种子,将终端交换公钥与所述接入网元临时私钥进行点乘计算出第八密钥种子,对所述第七密钥种子和第八密钥种子进行单向运算得到第三密钥;Calculating the seventh key seed by multiplying the access network element exchange private key and the second temporary public key, and multiplying the terminal exchange public key by the access network element temporary private key to calculate the eighth key a key seed, performing a one-way operation on the seventh key seed and the eighth key seed to obtain a third key;
    利用所述第三密钥、终端标识、接入网元标识、接入网元前向随机数、和终端随机数,生成第三一致性检查密钥。The third consistency check key is generated by using the third key, the terminal identifier, the access network element identifier, the access network element forward random number, and the terminal random number.
  14. 一种第一网元,其特征在于,包括:A first network element, comprising:
    鉴权消息传输模块,用于接收接入网元发送的终端问候消息、终端密钥交换消息和接入网元问候消息,所述终端问候消息包含终端标识和终端随机数,所述终端密钥交换消息包含第二临时公钥,所述接入网元问候消息包含接入网元标识和接入网元后向随机数;并向第二网元发送所述终端问候消息、所述接入网元问候消息和第一网元后向问候消息,所述第一网元后向问候消息中包含第一网元后向随机数和第一网元签名证书;The authentication message transmission module is configured to receive a terminal greeting message, a terminal key exchange message, and an access network element greeting message sent by the access network element, where the terminal hello message includes a terminal identifier and a terminal random number, and the terminal key The exchange message includes a second temporary public key, where the access network element greeting message includes an access network element identifier and a backward random number of the access network element, and sends the terminal hello message to the second network element, where the access message a network element greeting message and a first network element backward greeting message, where the first network element backwards greeting message includes a first network element, and then a random number and a first network element signature certificate;
    鉴权向量信息获取模块,用于获取鉴权向量信息,所述鉴权向量信息中需要终端验证的信息使用第二网元签名私钥进行签名;The authentication vector information acquiring module is configured to obtain the authentication vector information, where the information required to be verified by the terminal in the authentication vector information is signed by using the second network element signature private key;
    鉴权模块,用于生成第一临时公私钥对和包含第一网元前向随机数的第一网元前向问候消息,利用获得的鉴权向量信息、所述第二临时公钥、所述第一网元交换私钥和所述第一临时私钥生成第一一致性检查密钥,使用所述第一一致性检查密钥对所述终端问候消息和第一网元前向问候消息进行完整性计算产生第一消息完整性计算结果,并向所述接入网元发送所述鉴权向量信息、包含第一临时公钥的第一网元密钥交换消息、第一网元前向问候消息和第一消息完整性计算结果;以及使用所述第一一致性检查密钥对所述第一网元前向问候消息和终端问候消息进行消息完整性计算产生第七消息完整性计算结果,使用生成的所述第七消息完整性计算结果验证终端发送的第三消息完整性计算结果;验证成功后,所述第一网元通过所述接入网元向所述终端发送第一网元鉴权成功消息。An authentication module, configured to generate a first temporary public-private key pair and a first network element forward greeting message including a first network element forward random number, using the obtained authentication vector information, the second temporary public key, and the Generating a first consistency check key by using the first network element exchange private key and the first temporary private key, and using the first consistency check key to send the terminal greeting message and the first network element forward The hello calculation of the hello message generates a first message integrity calculation result, and sends the authentication vector information, the first network element key exchange message including the first temporary public key, and the first network to the access network element. a meta-forward greeting message and a first message integrity calculation result; and performing a message integrity calculation on the first network element forward greeting message and the terminal greeting message using the first consistency check key to generate a seventh message The integrity calculation result is used to verify the third message integrity calculation result sent by the terminal by using the generated seventh message integrity calculation result; after the verification is successful, the first network element passes the access network element to the terminal Send first Yuan authentication success message.
  15. 根据权利要求14所述的第一网元,其特征在于,在终端初始认证阶段,所述鉴权模块还用于使用保存的查询中心的签名证书对第一网元后向问候消息、终端标识和终端的交换公钥的签名进行验证,以便验证成功后,生成第一临时公私钥对和包含第一网元前 向随机数的第一网元前向问候消息。The first network element according to claim 14, wherein in the initial authentication stage of the terminal, the authentication module is further configured to use the saved certificate of the query center to forward the first message to the hello message and the terminal identifier. And verifying the signature of the exchanged public key of the terminal, so that after the verification succeeds, the first temporary public-private key pair is generated and the first network element is included. Forward the message to the first network element of the random number.
  16. 根据权利要求15所述的第一网元,其特征在于,所述鉴权模块生成第一一致性检查密钥时,具体用于:The first network element according to claim 15, wherein when the authentication module generates the first consistency check key, it is specifically used to:
    将第一网元交换私钥与所述第二临时公钥进行点乘计算出第三密钥种子,将终端交换公钥与所述第一临时私钥进行点乘计算出第四密钥种子,对所述第三密钥种子和第四密钥种子进行单向运算得到第四密钥;Calculating a third key seed by multiplying the first network element exchange private key and the second temporary public key, and multiplying the terminal exchange public key and the first temporary private key to calculate a fourth key seed Performing a one-way operation on the third key seed and the fourth key seed to obtain a fourth key;
    利用所述第四密钥、终端标识、第一网元标识、第一网元前向随机数、和终端随机数,生成第一一致性检查密钥。And generating, by using the fourth key, the terminal identifier, the first network element identifier, the first network element forward random number, and the terminal random number, a first consistency check key.
  17. 一种第二网元,其特征在于,包括:A second network element, comprising:
    鉴权向量信息发送模块,用于向第一网元发送鉴权向量信息,所述鉴权向量信息中需要终端验证的信息使用第二网元签名私钥进行签名。The authentication vector information sending module is configured to send the authentication vector information to the first network element, where the information required for the terminal verification in the authentication vector information is signed by using the second network element signature private key.
  18. 根据权利要求17所述的第二网元,其特征在于,在终端的初始认证阶段,所述鉴权信息发送模块具体用于:The second network element according to claim 17, wherein in the initial authentication phase of the terminal, the authentication information sending module is specifically configured to:
    查找所述终端标识对应的所述终端的交换公钥;向查询中心发送所述接入网元问候消息、所述第一网元后向问候消息、所述终端标识和所述终端的交换公钥;获取使用查询中心签名私钥对第一网元后向问候消息和携带第一网元的签名证书及验证结果、终端标识和所述终端的交换公钥的消息进行的签名,使用查询中心签名私钥对所述接入网元问候消息进行的签名,所述第一网元的交换公钥、所述第一网元标识、所述接入网元的交换公钥和所述接入网元标识;使用所述查询中心的签名证书验证签名正确后,向所述第一网元发送鉴权向量信息,所述鉴权向量信息包括:接入网元的交换公钥,第一网元的交换公钥,终端标识,终端的交换公钥,使用第二网元签名私钥对终端问候消息、接入网元的交换公钥和第一网元的交换公钥进行的签名,使用查询中心的签名私钥对接入网元问候消息、终端标识、终端的交换公钥、接入网元的交换公钥和第一网元的交换公钥进行的签名,使用查询中心的签名私钥对第一网元后向问候消息、终端标识和终端的交换公钥进行的签名。Searching for the exchange public key of the terminal corresponding to the terminal identifier; sending the access NE greeting message, the first network element backward greeting message, the terminal identifier, and the exchange of the terminal to the query center The key is obtained by using the query center to sign the first network element and the signature message and the verification result, the terminal identifier, and the exchange public key of the terminal. Signing of the access NE greeting message by the signature private key, the exchange public key of the first network element, the first network element identifier, the exchange public key of the access network element, and the access The network element identifier is used to send the authentication vector information to the first network element, and the authentication vector information includes: an exchange public key of the access network element, the first network The exchange public key of the element, the terminal identifier, the exchange public key of the terminal, and the signature of the terminal greeting message, the exchange public key of the access network element, and the exchange public key of the first network element by using the second network element signature private key, Query center The private key pairs the access NE greeting message, the terminal identifier, the exchange public key of the terminal, the exchange public key of the access network element, and the exchange public key of the first network element, and use the signature private key pair of the query center. The signature of a network element to the greeting message, the terminal identifier, and the exchange public key of the terminal.
  19. 一种查询中心,其特征在于,包括:An inquiry center, comprising:
    信息获取模块,用于所述第一网元标识对应的第一网元的交换公钥并验证第一网元签名证书,并获取所述接入网元标识对应的接入网元的交换公钥;The information acquisition module is configured to exchange the public key of the first network element corresponding to the first network element identifier, and verify the first network element signature certificate, and obtain the exchange of the access network element corresponding to the access network element identifier. key;
    信息发送模块,用于生成携带第一网元的签名证书及验证结果、终端标识和所述终端的交换公钥的消息,对第一网元后向问候消息和生成的所述消息进行签名,对所述接入网元问候消息进行签名,将所述两个签名、所述第一网元的交换公钥、所述第一网元标识、所述接入网元的交换公钥和所述接入网元标识发送给所述第二网元。 The information sending module is configured to generate a message carrying the first network element's signature certificate and the verification result, the terminal identifier, and the exchanged public key of the terminal, and sign the first network element back greeting message and the generated message, Signing the access NE greeting message, the two signatures, the exchange public key of the first network element, the first network element identifier, the exchange public key of the access network element, and the The access network element identifier is sent to the second network element.
PCT/CN2015/074961 2014-03-27 2015-03-24 Network authentication method and device WO2015144041A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201410120400.6 2014-03-27
CN201410120400.6A CN104955039B (en) 2014-03-27 2014-03-27 A kind of method and apparatus of network authentication certification

Publications (1)

Publication Number Publication Date
WO2015144041A1 true WO2015144041A1 (en) 2015-10-01

Family

ID=54169314

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/074961 WO2015144041A1 (en) 2014-03-27 2015-03-24 Network authentication method and device

Country Status (2)

Country Link
CN (1) CN104955039B (en)
WO (1) WO2015144041A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108270560A (en) * 2017-01-03 2018-07-10 中兴通讯股份有限公司 A kind of cipher key transmission methods and device

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108282780A (en) * 2017-01-05 2018-07-13 中兴通讯股份有限公司 A kind of key transmission method and device
CN107172105A (en) * 2017-05-13 2017-09-15 深圳市欧乐在线技术发展有限公司 One kind realizes multiple services safety certifying method and system
CN107302535A (en) * 2017-06-28 2017-10-27 深圳市欧乐在线技术发展有限公司 A kind of access authentication method and device
CN112019647A (en) 2018-02-12 2020-12-01 华为技术有限公司 Method and device for obtaining equipment identifier
CN110393022A (en) * 2018-02-22 2019-10-29 联发科技(新加坡)私人有限公司 The trace regions of intersystem handover update process and improve in mobile communication
CN108390885B (en) * 2018-03-01 2020-08-07 北京华为数字技术有限公司 Method for obtaining equipment identification, communication entity, communication system and storage medium
CN118200914A (en) * 2022-12-14 2024-06-14 华为技术有限公司 Communication method and device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101557286A (en) * 2008-04-08 2009-10-14 鸿富锦精密工业(深圳)有限公司 Secure transmission system and method
CN102036238A (en) * 2010-12-27 2011-04-27 中国科学院软件研究所 Method for realizing user and network authentication and key distribution based on public key
US20120331295A1 (en) * 2011-06-21 2012-12-27 Chien-Chao Tseng Method for key generation, member authentication, and communication security in dynamic group

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080292105A1 (en) * 2007-05-22 2008-11-27 Chieh-Yih Wan Lightweight key distribution and management method for sensor networks
CN101394412B (en) * 2008-09-28 2012-03-07 西安西电捷通无线网络通信股份有限公司 Method for preventing the first message of security protocol from being forged
CN102026178B (en) * 2010-12-31 2013-06-12 成都三零瑞通移动通信有限公司 User identity protection method based on public-key mechanism

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101557286A (en) * 2008-04-08 2009-10-14 鸿富锦精密工业(深圳)有限公司 Secure transmission system and method
CN102036238A (en) * 2010-12-27 2011-04-27 中国科学院软件研究所 Method for realizing user and network authentication and key distribution based on public key
US20120331295A1 (en) * 2011-06-21 2012-12-27 Chien-Chao Tseng Method for key generation, member authentication, and communication security in dynamic group

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108270560A (en) * 2017-01-03 2018-07-10 中兴通讯股份有限公司 A kind of cipher key transmission methods and device
CN108270560B (en) * 2017-01-03 2023-06-09 中兴通讯股份有限公司 Key transmission method and device

Also Published As

Publication number Publication date
CN104955039B (en) 2019-10-25
CN104955039A (en) 2015-09-30

Similar Documents

Publication Publication Date Title
Kaur et al. A lightweight and privacy-preserving authentication protocol for mobile edge computing
WO2015144041A1 (en) Network authentication method and device
Cao et al. LSAA: A lightweight and secure access authentication scheme for both UE and mMTC devices in 5G networks
US10638321B2 (en) Wireless network connection method and apparatus, and storage medium
US7715822B2 (en) Secure bootstrapping for wireless communications
EP2868029B1 (en) Key agreement for wireless communication
US8559633B2 (en) Method and device for generating local interface key
KR102112542B1 (en) Method and system for generating session key using Diffie-Hellman procedure
US20070192602A1 (en) Clone resistant mutual authentication in a radio communication network
WO2015144042A1 (en) Method and device for network authentication certification
JP2014180062A (en) Secure session key generation
WO2012097723A1 (en) Method, network side entity and communication terminal for protecting data security
JP2012019511A (en) System and method of safety transaction between wireless communication apparatus and server
CN110536292A (en) The method and apparatus and authentication method and device of transmission terminal serial number
WO2020216338A1 (en) Parameter sending method and apparatus
CN111641498A (en) Key determination method and device
Singh et al. Elliptic curve cryptography based mechanism for secure Wi-Fi connectivity
CN101547091A (en) Method and device for transmitting information
WO2018126783A1 (en) Key transmission method, device, and computer storage medium
Franklin et al. Enhanced authentication protocol for improving security in 3GPP LTE networks
Wang et al. Mutually Identity Authentications in GSM-based Anonymous Communications
ELNagar et al. Moderate EAP-TLS Protocol-A New Approche

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15769114

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15769114

Country of ref document: EP

Kind code of ref document: A1